Vraag & Antwoord

Beveiliging & privacy

isearch

54 antwoorden
  • ondertussen wel de AVG Security toolbar uit de programma's verwijders, had zich weer geinstalleerd tijdens het installeren van een ander programma. maar isearch blijft komen,
  • Hallo, in je log wordt isearch maar eenmaal opgevoerd: AVG-safesearch! Verder blijkt uit je log dat er wel wat aan de hand is. [b:67f51124c7]Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:[/b:67f51124c7] [color=#0000FF:67f51124c7][list:67f51124c7][*:67f51124c7]Lees telkens elke instruktie eerst goed door. [*:67f51124c7]De gegeven instrukties gelden alleen jouw Windows. [*:67f51124c7]Maak je fouten bij de uitvoering van tools tijdens de fix, kan dat mogelijk serieuze problemen in Windows veroorzaken. [*:67f51124c7][b:67f51124c7]Installeer geen nieuwe programma's, updates of nieuwe hardware terwijl we met de fix bezig zijn. [*:67f51124c7]Gebruik ook geen andere programma's of tools dan diegenen waartoe ik opdracht geef.[/b:67f51124c7] [*:67f51124c7] Emoticons (smileys) a.u.b. uitzetten, wanneer je een log post. [*:67f51124c7]Gebruik altijd één scanner per keer, nooit meerdere tegelijk gebruiken. [*:67f51124c7]Hou mij op de hoogte hoe jou computer op de fix reageert - goed of slecht. [*:67f51124c7]Ook indien je iets niet begrijpt, meldt dat dan. [*:67f51124c7]De fix, eenmaal gestart, dient afgewerkt te worden. Zelfs indien jij denkt dat alles in orde is, zijn er mogelijk nog steeds infecties.[/list:u:67f51124c7][/color:67f51124c7] [color=#FF0000:67f51124c7][b:67f51124c7]Stap •1•[/b:67f51124c7][/color:67f51124c7] Download de [b:67f51124c7][url=http://download11.emsisoft.com/EmsisoftEmergencyKit.zip][color=#FF0000:67f51124c7]Emsisoft Emergency Kit[/color:67f51124c7][/url][/b:67f51124c7] naar het bureaublad en pak het [b:67f51124c7]ZIP[/b:67f51124c7] bestand uit. [list:67f51124c7] [*:67f51124c7] Open de map "[b:67f51124c7]EmsisoftEmergencyKit[/b:67f51124c7]" en dubbelklik op "[b:67f51124c7]Start.exe[/b:67f51124c7]" [*:67f51124c7] Klik nu op "[b:67f51124c7]Emergency Kit Scanner[/b:67f51124c7]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:67f51124c7]Ja[/b:67f51124c7]" [img:67f51124c7]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:67f51124c7] [*:67f51124c7] Als de update gereed is en de melding "[b:67f51124c7]Update process is succesvol afgerond[/b:67f51124c7]" verschijnt klikt u op "[b:67f51124c7]menu[/b:67f51124c7]" en dan op "[b:67f51124c7]Scan PC[/b:67f51124c7]" [*:67f51124c7] Selecteer de optie "[b:67f51124c7]Diep[/b:67f51124c7]" als deze niet standaard al zo is ingesteld. [*:67f51124c7] Klik Nu op de knop "[b:67f51124c7]Scan[/b:67f51124c7]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af. [*:67f51124c7] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is. [*:67f51124c7] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:67f51124c7]verwijder geselecteerde[/b:67f51124c7]" u zal nu de volgende melding krijgen maar klik hier op "[b:67f51124c7]Ja[/b:67f51124c7]" [img:67f51124c7]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:67f51124c7] [*:67f51124c7] Als het verwijderen gereed is klikt u op de knop "[b:67f51124c7]View report[/b:67f51124c7]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:67f51124c7]a2scan_110730-111615.txt[/b:67f51124c7] [*:67f51124c7] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht. [*:67f51124c7] Herstart nu de computer.[/list:u:67f51124c7] [color=#FF0000:67f51124c7][b:67f51124c7]Stap •2•[/b:67f51124c7][/color:67f51124c7] [b:67f51124c7]Welk programma[/b:67f51124c7]: Malwarebytes MBAM [b:67f51124c7]Waarvoor/waarom[/b:67f51124c7]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:67f51124c7]Moeilijkheidsgraad[/b:67f51124c7]: geen. [b:67f51124c7]Download Malwarebytes MBAM via één van deze locaties[/b:67f51124c7]: [list:67f51124c7][*:67f51124c7][url=http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s][b:67f51124c7]Softpedia.com[/b:67f51124c7][/url][*:67f51124c7][url=http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html][b:67f51124c7]Majorgeeks.com[/b:67f51124c7][/url][/list:u:67f51124c7] [b:67f51124c7]Allereerst[/b:67f51124c7]:[list:67f51124c7][*:67f51124c7] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus. [*:67f51124c7] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'! [/list:u:67f51124c7] [b:67f51124c7]Malwarebytes MBAM opstarten[/b:67f51124c7]: [list:67f51124c7][*:67f51124c7] [b:67f51124c7][color=#0000FF:67f51124c7]Sluit nu eerst alle nog openstaande programmavensters![/color:67f51124c7][/b:67f51124c7] [list:67f51124c7][*:67f51124c7][b:67f51124c7][color=#0000FF:67f51124c7]Windows 2000[/color:67f51124c7][/b:67f51124c7] en [color=#0000FF:67f51124c7][b:67f51124c7]Windows XP[/b:67f51124c7][/color:67f51124c7]: start MBAM middels dubbelklik op de snelkoppeling. [*:67f51124c7][color=#0000FF:67f51124c7][b:67f51124c7]Windows Vista[/b:67f51124c7][/color:67f51124c7] en [color=#0000FF:67f51124c7][b:67f51124c7]Windows 7[/b:67f51124c7][/color:67f51124c7]: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:67f51124c7][/list:u:67f51124c7] [list:67f51124c7][*:67f51124c7][b:67f51124c7]Let op:[/b:67f51124c7] [list:67f51124c7][*:67f51124c7]Malwarebytes verstrekt nu de volledige versie van MBAM. [*:67f51124c7]Bij de eerstse start kijg je de mogelijkheid de volledige versie te gebruiken of de gratis versie. [*:67f51124c7]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken. [*:67f51124c7]Zodoende zal MBAM als gratis versie verder te gebruiken zijn[/list:u:67f51124c7][/list:u:67f51124c7] [img:67f51124c7]http://img30.imageshack.us/img30/3928/mbam2.png[/img:67f51124c7] [list:67f51124c7][*:67f51124c7][b:67f51124c7]Doe ook nog het volgende:[/b:67f51124c7] [list:67f51124c7][*:67f51124c7]Zodra het programma gestart is, ga dan naar het tabblad "[b:67f51124c7]Instellingen[/b:67f51124c7]". [*:67f51124c7]Vink hier aan: "[b:67f51124c7]Sluit Internet Explorer tijdens verwijdering van malware[/b:67f51124c7]".[/list:u:67f51124c7][/list:u:67f51124c7] [b:67f51124c7]Scannen[/b:67f51124c7]: [list:67f51124c7][*:67f51124c7] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'. [*:67f51124c7]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'. [*:67f51124c7]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:67f51124c7] [b:67f51124c7]Infecties gevonden[/b:67f51124c7]: [list:67f51124c7][*:67f51124c7]Klik nu eerst op OK om de melding weg te klikken [*:67f51124c7]Klik vervolgens rechtsonder op de knop Bekijk resultaten. [*:67f51124c7]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde. [*:67f51124c7]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [*:67f51124c7]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken! [*:67f51124c7]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:67f51124c7] [b:67f51124c7]MBAM-Log[/b:67f51124c7]: [list:67f51124c7][*:67f51124c7] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:67f51124c7] [b:67f51124c7]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:67f51124c7] [color=#FF0000:67f51124c7][b:67f51124c7]Stap •3•[/b:67f51124c7][/color:67f51124c7] [b:67f51124c7]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:67f51124c7] [list:67f51124c7][*:67f51124c7] EmsisoftEmergencyKit-logfile [*:67f51124c7] MBAM scanlog[/list:u:67f51124c7]
  • dank voor de reactie: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.03.04.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Nico :: NICO-PC [administrator] 4-3-2012 21:49:06 mbam-log-2012-03-04 (21-49-06).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 188114 Verstreken tijd: 1 minuut/minuten, 40 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Emsisoft Emergency Kit - Versie 1.0 Laatste Update: 4-3-2012 14:53:06 Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, Sporen, Cookies, C:\, D:\, E:\, F:\, I:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 4-3-2012 14:54:01 F:\Newsleecher Downloads\==HaroDeyv==Winzip 11\==HaroDeyv==Winzip 11\Winzip 11 Keygen.exe Ontdekt: Riskware.Keygen.WinZip11!IK F:\Newsleecher Downloads\Nero 7.10.1.0 NL Premium\Nero 7.10.1.0 NL Premium\keygen.exe Ontdekt: Riskware.Hacktool.Keygen.Nero7!IK F:\schoonmaak programma's\Uniblue Registry Booster 2.0\UBVarRB.dll Ontdekt: Virus.Win32.Sality!IK I:\arie d schijf\Danmark-Faroe Isl-Sweden 2004\dragcopy.dll Ontdekt: Trojan.Win32.Sirefef!IK Gescand Bestanden: 715787 Sporen: 405133 Cookies: 8 Processen: 60 Gevonden Bestanden: 4 Sporen: 0 Cookies: 0 Processen: 0 Registersleutels: 0 Scan Geëindigd: 4-3-2012 21:29:08 Scantijd: 6:35:07 I:\arie d schijf\Danmark-Faroe Isl-Sweden 2004\dragcopy.dll Verwijderd Trojan.Win32.Sirefef!IK F:\schoonmaak programma's\Uniblue Registry Booster 2.0\UBVarRB.dll Verwijderd Virus.Win32.Sality!IK F:\Newsleecher Downloads\Nero 7.10.1.0 NL Premium\Nero 7.10.1.0 NL Premium\keygen.exe Verwijderd Riskware.Hacktool.Keygen.Nero7!IK F:\Newsleecher Downloads\==HaroDeyv==Winzip 11\==HaroDeyv==Winzip 11\Winzip 11 Keygen.exe Verwijderd Riskware.Keygen.WinZip11!IK Verwijderd Bestanden: 4 Sporen: 0 Cookies: 0
  • Hoi, indien je keygens en dergelijke gebruikt om software gratis te kunnen gebruiken, kan je onheil in Windows verwachten! [color=#FF0000:2f8edd9307][b:2f8edd9307]Stap •1•[/b:2f8edd9307][/color:2f8edd9307] [b:2f8edd9307]Welk programma[/b:2f8edd9307]: [b:2f8edd9307]TDSSStarter.exe[/b:2f8edd9307] [b:2f8edd9307]Waarvoor/waarom[/b:2f8edd9307]: Rootkitscanner [b:2f8edd9307]Moeilijkheidsgraad[/b:2f8edd9307]: geen Download [b:2f8edd9307][url=http://home.kpn.nl/stefsmeenk/tools/TDSSKStarter.exe]TDSSStarter[/url][/b:2f8edd9307] naar het bureaublad. [b:2f8edd9307]"TDSSSStarter.exe" gebruiken[/b:2f8edd9307]: [list:2f8edd9307][*:2f8edd9307] [b:2f8edd9307][color=#0000FF:2f8edd9307]Sluit nu eerst alle nog openstaande programmavensters![/color:2f8edd9307][/b:2f8edd9307] [list:2f8edd9307][*:2f8edd9307][b:2f8edd9307][color=#0000FF:2f8edd9307]Windows 2000[/color:2f8edd9307][/b:2f8edd9307] en [color=#0000FF:2f8edd9307][b:2f8edd9307]Windows XP[/b:2f8edd9307][/color:2f8edd9307]: start het tool middels dubbelklik op "[i:2f8edd9307] TDSSStarter .exe[/i:2f8edd9307]". [*:2f8edd9307][color=#0000FF:2f8edd9307][b:2f8edd9307]Windows Vista[/b:2f8edd9307][/color:2f8edd9307] en [color=#0000FF:2f8edd9307][b:2f8edd9307]Windows 7[/b:2f8edd9307][/color:2f8edd9307]: start het tool middels rechtsklik op "[i:2f8edd9307]TDSSStarter.exe[/i:2f8edd9307]" en dan kiezen voor [i:2f8edd9307][b:2f8edd9307]Als Administrator uitvoeren[/b:2f8edd9307][/i:2f8edd9307].[/list:u:2f8edd9307] [*:2f8edd9307]Vervolgens zal een CMD-venster gestart worden en wanneer de scan gereed is weer automatisch sluiten. [*:2f8edd9307]Post nu de inhoud van het geopende kladblokbestand in het volgende bericht.[/list:u:2f8edd9307] [color=#FF0000:2f8edd9307][b:2f8edd9307]Stap •2•[/b:2f8edd9307][/color:2f8edd9307] [b:2f8edd9307]Welk programma[/b:2f8edd9307]: ComboFix [b:2f8edd9307]Waarvoor/waarom[/b:2f8edd9307]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen. [b:2f8edd9307]Moeilijkheidsgraad[/b:2f8edd9307]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed. [b:2f8edd9307]Downloadlokatie[/b:2f8edd9307]: Dit programma absoluut naar het bureaublad downloaden! [b:2f8edd9307]Download ComboFix via één van deze locaties[/b:2f8edd9307]: [list:2f8edd9307][*:2f8edd9307][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:2f8edd9307]Bleepingcomputer[/b:2f8edd9307][/url] [*:2f8edd9307][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:2f8edd9307]ForoSpyware[/b:2f8edd9307][/url] [*:2f8edd9307][url=http://subs.geekstogo.com/ComboFix.exe][b:2f8edd9307]Geekstogo[/b:2f8edd9307][/url][/list:u:2f8edd9307] [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:2f8edd9307]Hier[/b:2f8edd9307][/url] zie je hoe je ComboFix moet gebruiken. Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn! [url=http://www.bleepingcomputer.com/forums/topic114351.html][b:2f8edd9307]Hier[/b:2f8edd9307][/url] en [url=http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html][b:2f8edd9307]hier[/b:2f8edd9307][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:2f8edd9307]Voor alle duidelijkheid nogmaals[/b:2f8edd9307]: ComboFix dient vanaf het bureaublad gestart te worden. [b:2f8edd9307]Opmerkingen[/b:2f8edd9307]: [list:2f8edd9307][*:2f8edd9307] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).[/list:u:2f8edd9307] [b:2f8edd9307]ComboFix opstarten[/b:2f8edd9307]: [list:2f8edd9307][*:2f8edd9307] [b:2f8edd9307][color=#0000FF:2f8edd9307]Sluit nu eerst alle nog openstaande programmavensters![/color:2f8edd9307][/b:2f8edd9307] [list:2f8edd9307][*:2f8edd9307][b:2f8edd9307][color=#0000FF:2f8edd9307]Windows 2000[/color:2f8edd9307][/b:2f8edd9307] en [color=#0000FF:2f8edd9307][b:2f8edd9307]Windows XP[/b:2f8edd9307][/color:2f8edd9307]: start ComboFix.exe middels dubbelklik op ComboFix.exe. [*:2f8edd9307][color=#0000FF:2f8edd9307][b:2f8edd9307]Windows Vista[/b:2f8edd9307][/color:2f8edd9307] en [color=#0000FF:2f8edd9307][b:2f8edd9307]Windows 7[/b:2f8edd9307][/color:2f8edd9307]: start ComboFix.exe via rechtsklik op ComboFix.exe en kies dan voor [i:2f8edd9307][b:2f8edd9307]Als Administrator uitvoeren[/b:2f8edd9307][/i:2f8edd9307].[/list:u:2f8edd9307][/list:u:2f8edd9307] [b:2f8edd9307]ComboFix is opgestart[/b:2f8edd9307]: [list:2f8edd9307][*:2f8edd9307]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:2f8edd9307]Combofix sluit tijdens de scan de internet verbinding; probeer deze tussentijds niet te herstellen! [*:2f8edd9307]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:2f8edd9307]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:2f8edd9307]Post de inhoud van dit logbestand in je volgende bericht. [*:2f8edd9307]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:2f8edd9307] [b:2f8edd9307]Belangrijke opmerking[/b:2f8edd9307]: [list:2f8edd9307][*:2f8edd9307][b:2f8edd9307][color=Red:2f8edd9307]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:2f8edd9307][/b:2f8edd9307] [*:2f8edd9307][b:2f8edd9307][color=blue:2f8edd9307]Illegal operation attempted on a registery key that has been marked for deletion.[/color:2f8edd9307][/b:2f8edd9307] [*:2f8edd9307][b:2f8edd9307][color=Red:2f8edd9307]Start dan de computer opnieuw op.[/color:2f8edd9307][/b:2f8edd9307][/list:u:2f8edd9307] [color=#FF0000:2f8edd9307][b:2f8edd9307]Stap •3•[/b:2f8edd9307][/color:2f8edd9307] [b:2f8edd9307]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:2f8edd9307] [list:2f8edd9307][*:2f8edd9307] TDSSKStarter-log [*:2f8edd9307] ComboFix.txt-log [/list:u:2f8edd9307]
  • dank voor je belerende reactie.
  • 23:35:44.0458 5580 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07 23:35:44.0458 5580 ============================================================ 23:35:44.0458 5580 Current date / time: 2012/03/04 23:35:44.0458 23:35:44.0458 5580 SystemInfo: 23:35:44.0458 5580 23:35:44.0458 5580 OS Version: 6.1.7601 ServicePack: 1.0 23:35:44.0458 5580 Product type: Workstation 23:35:44.0458 5580 ComputerName: NICO-PC 23:35:44.0458 5580 UserName: Nico 23:35:44.0458 5580 Windows directory: C:\Windows 23:35:44.0458 5580 System windows directory: C:\Windows 23:35:44.0458 5580 Running under WOW64 23:35:44.0458 5580 Processor architecture: Intel x64 23:35:44.0458 5580 Number of processors: 8 23:35:44.0458 5580 Page size: 0x1000 23:35:44.0458 5580 Boot type: Normal boot 23:35:44.0458 5580 ============================================================ 23:35:44.0646 5580 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:35:44.0646 5580 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:35:44.0662 5580 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 23:35:44.0662 5580 \Device\Harddisk0\DR0: 23:35:44.0662 5580 MBR used 23:35:44.0662 5580 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 23:35:44.0662 5580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D800 23:35:44.0662 5580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x683B6000 23:35:44.0662 5580 \Device\Harddisk1\DR1: 23:35:44.0662 5580 MBR used 23:35:44.0662 5580 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800 23:35:44.0662 5580 \Device\Harddisk2\DR2: 23:35:44.0662 5580 MBR used 23:35:44.0662 5580 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800 23:35:44.0708 5580 Initialize success 23:35:44.0708 5580 ============================================================ 23:35:44.0740 5716 ============================================================ 23:35:44.0740 5716 Scan started 23:35:44.0740 5716 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent; 23:35:44.0740 5716 ============================================================ 23:35:45.0021 5716 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 23:35:45.0052 5716 1394ohci - ok 23:35:45.0068 5716 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 23:35:45.0083 5716 ACPI - ok 23:35:45.0099 5716 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 23:35:45.0099 5716 AcpiPmi - ok 23:35:45.0130 5716 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 23:35:45.0146 5716 adp94xx - ok 23:35:45.0162 5716 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 23:35:45.0177 5716 adpahci - ok 23:35:45.0193 5716 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 23:35:45.0193 5716 adpu320 - ok 23:35:45.0208 5716 afcdp (769b6f7dee0e943712a6316129d4bb0e) C:\Windows\system32\DRIVERS\afcdp.sys 23:35:45.0240 5716 afcdp - ok 23:35:45.0255 5716 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 23:35:45.0271 5716 AFD - ok 23:35:45.0271 5716 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 23:35:45.0287 5716 agp440 - ok 23:35:45.0302 5716 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 23:35:45.0302 5716 aliide - ok 23:35:45.0318 5716 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 23:35:45.0318 5716 amdide - ok 23:35:45.0333 5716 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 23:35:45.0349 5716 AmdK8 - ok 23:35:45.0349 5716 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 23:35:45.0365 5716 AmdPPM - ok 23:35:45.0365 5716 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 23:35:45.0380 5716 amdsata - ok 23:35:45.0396 5716 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 23:35:45.0396 5716 amdsbs - ok 23:35:45.0412 5716 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 23:35:45.0427 5716 amdxata - ok 23:35:45.0443 5716 AMTBDA_P861F (8d1730e518132a28e6c6a7e7b94cdf0b) C:\Windows\system32\DRIVERS\anyseeTU.SYS 23:35:45.0458 5716 AMTBDA_P861F - ok 23:35:45.0474 5716 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 23:35:45.0505 5716 AppID - ok 23:35:45.0521 5716 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 23:35:45.0521 5716 arc - ok 23:35:45.0537 5716 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 23:35:45.0537 5716 arcsas - ok 23:35:45.0552 5716 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 23:35:45.0583 5716 AsyncMac - ok 23:35:45.0599 5716 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 23:35:45.0599 5716 atapi - ok 23:35:45.0693 5716 atikmdag (52bd95caa9cae8977fe043e9ad6d2d0e) C:\Windows\system32\DRIVERS\atikmdag.sys 23:35:45.0755 5716 atikmdag - ok 23:35:45.0771 5716 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 23:35:45.0787 5716 b06bdrv - ok 23:35:45.0802 5716 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 23:35:45.0818 5716 b57nd60a - ok 23:35:45.0818 5716 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 23:35:45.0849 5716 Beep - ok 23:35:45.0865 5716 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 23:35:45.0880 5716 blbdrive - ok 23:35:45.0896 5716 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 23:35:45.0896 5716 bowser - ok 23:35:45.0912 5716 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:35:45.0927 5716 BrFiltLo - ok 23:35:45.0927 5716 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:35:45.0943 5716 BrFiltUp - ok 23:35:45.0958 5716 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 23:35:45.0990 5716 BridgeMP - ok 23:35:46.0005 5716 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 23:35:46.0021 5716 Brserid - ok 23:35:46.0037 5716 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 23:35:46.0052 5716 BrSerWdm - ok 23:35:46.0068 5716 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 23:35:46.0083 5716 BrUsbMdm - ok 23:35:46.0083 5716 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 23:35:46.0099 5716 BrUsbSer - ok 23:35:46.0115 5716 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 23:35:46.0115 5716 BthEnum - ok 23:35:46.0130 5716 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 23:35:46.0146 5716 BTHMODEM - ok 23:35:46.0162 5716 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 23:35:46.0177 5716 BthPan - ok 23:35:46.0193 5716 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 23:35:46.0208 5716 BTHPORT - ok 23:35:46.0224 5716 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 23:35:46.0224 5716 BTHUSB - ok 23:35:46.0240 5716 catchme - ok 23:35:46.0240 5716 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 23:35:46.0271 5716 cdfs - ok 23:35:46.0287 5716 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 23:35:46.0302 5716 cdrom - ok 23:35:46.0318 5716 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 23:35:46.0318 5716 circlass - ok 23:35:46.0333 5716 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 23:35:46.0349 5716 CLFS - ok 23:35:46.0365 5716 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 23:35:46.0380 5716 CmBatt - ok 23:35:46.0380 5716 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 23:35:46.0396 5716 cmdide - ok 23:35:46.0412 5716 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 23:35:46.0427 5716 CNG - ok 23:35:46.0443 5716 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 23:35:46.0443 5716 Compbatt - ok 23:35:46.0458 5716 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 23:35:46.0474 5716 CompositeBus - ok 23:35:46.0490 5716 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 23:35:46.0490 5716 crcdisk - ok 23:35:46.0521 5716 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 23:35:46.0537 5716 CSC - ok 23:35:46.0552 5716 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 23:35:46.0583 5716 DfsC - ok 23:35:46.0599 5716 DgiVecp - ok 23:35:46.0599 5716 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 23:35:46.0630 5716 discache - ok 23:35:46.0646 5716 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 23:35:46.0646 5716 Disk - ok 23:35:46.0662 5716 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 23:35:46.0677 5716 drmkaud - ok 23:35:46.0693 5716 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 23:35:46.0724 5716 DXGKrnl - ok 23:35:46.0740 5716 e.dentifier2 (a0d5450b3d4689dce4cbbc8268141c37) C:\Windows\system32\DRIVERS\aabed2.sys 23:35:46.0740 5716 e.dentifier2 - ok 23:35:46.0802 5716 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 23:35:46.0833 5716 ebdrv - ok 23:35:46.0865 5716 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 23:35:46.0880 5716 elxstor - ok 23:35:46.0896 5716 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 23:35:46.0896 5716 ErrDev - ok 23:35:46.0912 5716 ewusbnet (8adacffad67394c711698ea074ce3bab) C:\Windows\system32\DRIVERS\ewusbnet.sys 23:35:46.0927 5716 ewusbnet - ok 23:35:46.0943 5716 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 23:35:46.0974 5716 exfat - ok 23:35:46.0990 5716 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 23:35:47.0005 5716 fastfat - ok 23:35:47.0021 5716 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 23:35:47.0037 5716 fdc - ok 23:35:47.0052 5716 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 23:35:47.0052 5716 FileInfo - ok 23:35:47.0068 5716 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 23:35:47.0099 5716 Filetrace - ok 23:35:47.0099 5716 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 23:35:47.0115 5716 flpydisk - ok 23:35:47.0130 5716 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 23:35:47.0146 5716 FltMgr - ok 23:35:47.0162 5716 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 23:35:47.0162 5716 FsDepends - ok 23:35:47.0177 5716 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 23:35:47.0177 5716 Fs_Rec - ok 23:35:47.0193 5716 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 23:35:47.0208 5716 fvevol - ok 23:35:47.0224 5716 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 23:35:47.0224 5716 gagp30kx - ok 23:35:47.0240 5716 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 23:35:47.0240 5716 GEARAspiWDM - ok 23:35:47.0271 5716 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 23:35:47.0271 5716 hcw85cir - ok 23:35:47.0287 5716 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 23:35:47.0302 5716 HdAudAddService - ok 23:35:47.0318 5716 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 23:35:47.0333 5716 HDAudBus - ok 23:35:47.0333 5716 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 23:35:47.0349 5716 HidBatt - ok 23:35:47.0365 5716 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 23:35:47.0365 5716 HidBth - ok 23:35:47.0380 5716 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 23:35:47.0396 5716 HidIr - ok 23:35:47.0412 5716 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 23:35:47.0412 5716 HidUsb - ok 23:35:47.0427 5716 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 23:35:47.0443 5716 HpSAMD - ok 23:35:47.0458 5716 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 23:35:47.0490 5716 HTTP - ok 23:35:47.0505 5716 hwdatacard (d969d0e26c5b1e813b17066a8318d5d4) C:\Windows\system32\DRIVERS\ewusbmdm.sys 23:35:47.0521 5716 hwdatacard - ok 23:35:47.0521 5716 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 23:35:47.0537 5716 hwpolicy - ok 23:35:47.0552 5716 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 23:35:47.0568 5716 i8042prt - ok 23:35:47.0583 5716 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 23:35:47.0583 5716 iaStorV - ok 23:35:47.0599 5716 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 23:35:47.0615 5716 iirsp - ok 23:35:47.0630 5716 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 23:35:47.0630 5716 intelide - ok 23:35:47.0646 5716 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 23:35:47.0662 5716 intelppm - ok 23:35:47.0677 5716 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:35:47.0693 5716 IpFilterDriver - ok 23:35:47.0708 5716 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 23:35:47.0724 5716 IPMIDRV - ok 23:35:47.0740 5716 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 23:35:47.0755 5716 IPNAT - ok 23:35:47.0771 5716 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 23:35:47.0787 5716 IRENUM - ok 23:35:47.0802 5716 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 23:35:47.0802 5716 isapnp - ok 23:35:47.0818 5716 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 23:35:47.0833 5716 iScsiPrt - ok 23:35:47.0849 5716 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 23:35:47.0849 5716 kbdclass - ok 23:35:47.0865 5716 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 23:35:47.0880 5716 kbdhid - ok 23:35:47.0896 5716 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 23:35:47.0896 5716 KSecDD - ok 23:35:47.0912 5716 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 23:35:47.0927 5716 KSecPkg - ok 23:35:47.0927 5716 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 23:35:47.0958 5716 ksthunk - ok 23:35:47.0974 5716 LEqdUsb (ed7ec050cd6c20e1a93a4dafb7efd14d) C:\Windows\system32\DRIVERS\LEqdUsb.Sys 23:35:47.0990 5716 LEqdUsb - ok 23:35:48.0005 5716 LHidEqd (3267bc698e29474a8381e68904eb0390) C:\Windows\system32\DRIVERS\LHidEqd.Sys 23:35:48.0005 5716 LHidEqd - ok 23:35:48.0021 5716 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys 23:35:48.0021 5716 LHidFilt - ok 23:35:48.0037 5716 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 23:35:48.0069 5716 lltdio - ok 23:35:48.0084 5716 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys 23:35:48.0084 5716 LMouFilt - ok 23:35:48.0100 5716 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 23:35:48.0116 5716 LSI_FC - ok 23:35:48.0116 5716 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 23:35:48.0131 5716 LSI_SAS - ok 23:35:48.0147 5716 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:35:48.0147 5716 LSI_SAS2 - ok 23:35:48.0163 5716 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:35:48.0178 5716 LSI_SCSI - ok 23:35:48.0194 5716 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 23:35:48.0225 5716 luafv - ok 23:35:48.0225 5716 LUsbFilt (29c733e1de824670dc9315cfc9bdbcd3) C:\Windows\system32\Drivers\LUsbFilt.Sys 23:35:48.0241 5716 LUsbFilt - ok 23:35:48.0241 5716 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 23:35:48.0256 5716 megasas - ok 23:35:48.0272 5716 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 23:35:48.0288 5716 MegaSR - ok 23:35:48.0288 5716 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 23:35:48.0319 5716 Modem - ok 23:35:48.0334 5716 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 23:35:48.0350 5716 monitor - ok 23:35:48.0350 5716 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 23:35:48.0366 5716 mouclass - ok 23:35:48.0381 5716 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 23:35:48.0381 5716 mouhid - ok 23:35:48.0397 5716 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 23:35:48.0397 5716 mountmgr - ok 23:35:48.0413 5716 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 23:35:48.0428 5716 MpFilter - ok 23:35:48.0444 5716 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 23:35:48.0459 5716 mpio - ok 23:35:48.0459 5716 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 23:35:48.0475 5716 MpNWMon - ok 23:35:48.0475 5716 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 23:35:48.0506 5716 mpsdrv - ok 23:35:48.0538 5716 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 23:35:48.0553 5716 MRxDAV - ok 23:35:48.0584 5716 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 23:35:48.0584 5716 mrxsmb - ok 23:35:48.0616 5716 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:35:48.0616 5716 mrxsmb10 - ok 23:35:48.0647 5716 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:35:48.0663 5716 mrxsmb20 - ok 23:35:48.0678 5716 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 23:35:48.0678 5716 msahci - ok 23:35:48.0694 5716 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 23:35:48.0694 5716 msdsm - ok 23:35:48.0709 5716 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 23:35:48.0741 5716 Msfs - ok 23:35:48.0756 5716 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 23:35:48.0788 5716 mshidkmdf - ok 23:35:48.0788 5716 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 23:35:48.0803 5716 msisadrv - ok 23:35:48.0819 5716 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 23:35:48.0834 5716 MSKSSRV - ok 23:35:48.0850 5716 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 23:35:48.0881 5716 MSPCLOCK - ok 23:35:48.0881 5716 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 23:35:48.0913 5716 MSPQM - ok 23:35:48.0928 5716 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 23:35:48.0944 5716 MsRPC - ok 23:35:48.0959 5716 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 23:35:48.0959 5716 mssmbios - ok 23:35:48.0975 5716 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 23:35:48.0991 5716 MSTEE - ok 23:35:49.0006 5716 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 23:35:49.0022 5716 MTConfig - ok 23:35:49.0022 5716 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 23:35:49.0038 5716 Mup - ok 23:35:49.0053 5716 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 23:35:49.0069 5716 NativeWifiP - ok 23:35:49.0100 5716 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 23:35:49.0116 5716 NDIS - ok 23:35:49.0131 5716 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 23:35:49.0147 5716 NdisCap - ok 23:35:49.0163 5716 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 23:35:49.0194 5716 NdisTapi - ok 23:35:49.0194 5716 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 23:35:49.0225 5716 Ndisuio - ok 23:35:49.0241 5716 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 23:35:49.0256 5716 NdisWan - ok 23:35:49.0272 5716 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 23:35:49.0303 5716 NDProxy - ok 23:35:49.0303 5716 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 23:35:49.0334 5716 NetBIOS - ok 23:35:49.0350 5716 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 23:35:49.0366 5716 NetBT - ok 23:35:49.0381 5716 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 23:35:49.0397 5716 nfrd960 - ok 23:35:49.0413 5716 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 23:35:49.0413 5716 NisDrv - ok 23:35:49.0428 5716 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 23:35:49.0459 5716 Npfs - ok 23:35:49.0459 5716 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 23:35:49.0491 5716 nsiproxy - ok 23:35:49.0538 5716 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 23:35:49.0584 5716 Ntfs - ok 23:35:49.0584 5716 ntk_PowerDVD (7420b2e1f65642129b6e23bd42f752aa) C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys 23:35:49.0600 5716 ntk_PowerDVD - ok 23:35:49.0616 5716 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 23:35:49.0647 5716 Null - ok 23:35:49.0647 5716 nusb3hub (c25cc69829e976c67b34152334eeddd1) C:\Windows\system32\DRIVERS\nusb3hub.sys 23:35:49.0663 5716 nusb3hub - ok 23:35:49.0678 5716 nusb3xhc (20bc4b57a6dba0447adb3b623c200f8e) C:\Windows\system32\DRIVERS\nusb3xhc.sys 23:35:49.0678 5716 nusb3xhc - ok 23:35:49.0694 5716 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 23:35:49.0694 5716 nvraid - ok 23:35:49.0709 5716 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 23:35:49.0725 5716 nvstor - ok 23:35:49.0725 5716 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 23:35:49.0741 5716 nv_agp - ok 23:35:49.0756 5716 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 23:35:49.0756 5716 ohci1394 - ok 23:35:49.0788 5716 P17 (634347adebc790b8f07654a3ea8034fd) C:\Windows\system32\drivers\P17.sys 23:35:49.0803 5716 P17 - ok 23:35:49.0819 5716 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 23:35:49.0819 5716 Parport - ok 23:35:49.0834 5716 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 23:35:49.0850 5716 partmgr - ok 23:35:49.0866 5716 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 23:35:49.0881 5716 pci - ok 23:35:49.0897 5716 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 23:35:49.0913 5716 pciide - ok 23:35:49.0928 5716 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 23:35:49.0944 5716 pcmcia - ok 23:35:49.0959 5716 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 23:35:49.0975 5716 pcw - ok 23:35:50.0006 5716 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 23:35:50.0038 5716 PEAUTH - ok 23:35:50.0069 5716 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 23:35:50.0100 5716 PptpMiniport - ok 23:35:50.0100 5716 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 23:35:50.0116 5716 Processor - ok 23:35:50.0131 5716 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 23:35:50.0147 5716 Psched - ok 23:35:50.0178 5716 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 23:35:50.0209 5716 ql2300 - ok 23:35:50.0225 5716 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 23:35:50.0225 5716 ql40xx - ok 23:35:50.0241 5716 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 23:35:50.0256 5716 QWAVEdrv - ok 23:35:50.0272 5716 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 23:35:50.0303 5716 RasAcd - ok 23:35:50.0319 5716 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 23:35:50.0334 5716 RasAgileVpn - ok 23:35:50.0350 5716 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 23:35:50.0381 5716 Rasl2tp - ok 23:35:50.0397 5716 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 23:35:50.0413 5716 RasPppoe - ok 23:35:50.0428 5716 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 23:35:50.0459 5716 RasSstp - ok 23:35:50.0475 5716 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 23:35:50.0491 5716 rdbss - ok 23:35:50.0506 5716 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 23:35:50.0522 5716 rdpbus - ok 23:35:50.0538 5716 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 23:35:50.0569 5716 RDPCDD - ok 23:35:50.0584 5716 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 23:35:50.0600 5716 RDPDR - ok 23:35:50.0616 5716 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 23:35:50.0631 5716 RDPENCDD - ok 23:35:50.0647 5716 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 23:35:50.0678 5716 RDPREFMP - ok 23:35:50.0694 5716 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 23:35:50.0709 5716 RDPWD - ok 23:35:50.0725 5716 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 23:35:50.0741 5716 rdyboost - ok 23:35:50.0756 5716 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 23:35:50.0772 5716 RFCOMM - ok 23:35:50.0788 5716 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 23:35:50.0803 5716 rspndr - ok 23:35:50.0834 5716 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys 23:35:50.0834 5716 RTL8167 - ok 23:35:50.0850 5716 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 23:35:50.0850 5716 s3cap - ok 23:35:50.0881 5716 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 23:35:50.0897 5716 sbp2port - ok 23:35:50.0913 5716 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 23:35:50.0928 5716 scfilter - ok 23:35:50.0944 5716 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 23:35:50.0975 5716 secdrv - ok 23:35:50.0991 5716 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 23:35:51.0006 5716 Serenum - ok 23:35:51.0006 5716 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 23:35:51.0022 5716 Serial - ok 23:35:51.0022 5716 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 23:35:51.0038 5716 sermouse - ok 23:35:51.0053 5716 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 23:35:51.0069 5716 sffdisk - ok 23:35:51.0069 5716 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 23:35:51.0084 5716 sffp_mmc - ok 23:35:51.0100 5716 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 23:35:51.0100 5716 sffp_sd - ok 23:35:51.0131 5716 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 23:35:51.0131 5716 sfloppy - ok 23:35:51.0147 5716 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:35:51.0163 5716 SiSRaid2 - ok 23:35:51.0178 5716 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 23:35:51.0178 5716 SiSRaid4 - ok 23:35:51.0194 5716 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 23:35:51.0225 5716 Smb - ok 23:35:51.0241 5716 snapman (446eb38ce4a6d040f548b2f547ca96ff) C:\Windows\system32\DRIVERS\snapman.sys 23:35:51.0241 5716 snapman - ok 23:35:51.0256 5716 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 23:35:51.0272 5716 spldr - ok 23:35:51.0288 5716 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 23:35:51.0288 5716 srv - ok 23:35:51.0303 5716 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 23:35:51.0319 5716 srv2 - ok 23:35:51.0334 5716 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 23:35:51.0350 5716 srvnet - ok 23:35:51.0350 5716 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys 23:35:51.0366 5716 SSPORT - ok 23:35:51.0366 5716 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 23:35:51.0381 5716 stexstor - ok 23:35:51.0397 5716 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 23:35:51.0397 5716 storflt - ok 23:35:51.0413 5716 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 23:35:51.0413 5716 storvsc - ok 23:35:51.0428 5716 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 23:35:51.0428 5716 swenum - ok 23:35:51.0459 5716 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 23:35:51.0491 5716 Tcpip - ok 23:35:51.0522 5716 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 23:35:51.0553 5716 TCPIP6 - ok 23:35:51.0569 5716 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 23:35:51.0600 5716 tcpipreg - ok 23:35:51.0616 5716 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 23:35:51.0631 5716 TDPIPE - ok 23:35:51.0678 5716 tdrpman255 (5a1ce027712f76ad4c485e803db7d08c) C:\Windows\system32\DRIVERS\tdrpm255.sys 23:35:51.0709 5716 tdrpman255 - ok 23:35:51.0725 5716 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 23:35:51.0756 5716 TDTCP - ok 23:35:51.0772 5716 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 23:35:51.0803 5716 tdx - ok 23:35:51.0819 5716 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 23:35:51.0819 5716 TermDD - ok 23:35:51.0850 5716 timounter (f7546ead58cc3000ac02cf9529b9934e) C:\Windows\system32\DRIVERS\timntr.sys 23:35:51.0866 5716 timounter - ok 23:35:51.0881 5716 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 23:35:51.0913 5716 tssecsrv - ok 23:35:51.0913 5716 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 23:35:51.0928 5716 TsUsbFlt - ok 23:35:51.0944 5716 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 23:35:51.0959 5716 tunnel - ok 23:35:51.0975 5716 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 23:35:51.0991 5716 uagp35 - ok 23:35:51.0991 5716 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 23:35:52.0022 5716 udfs - ok 23:35:52.0038 5716 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 23:35:52.0038 5716 uliagpkx - ok 23:35:52.0053 5716 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 23:35:52.0069 5716 umbus - ok 23:35:52.0069 5716 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 23:35:52.0084 5716 UmPass - ok 23:35:52.0100 5716 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 23:35:52.0100 5716 USBAAPL64 - ok 23:35:52.0116 5716 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 23:35:52.0131 5716 usbccgp - ok 23:35:52.0131 5716 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 23:35:52.0147 5716 usbcir - ok 23:35:52.0163 5716 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 23:35:52.0178 5716 usbehci - ok 23:35:52.0194 5716 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 23:35:52.0194 5716 usbhub - ok 23:35:52.0209 5716 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 23:35:52.0225 5716 usbohci - ok 23:35:52.0241 5716 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 23:35:52.0256 5716 usbprint - ok 23:35:52.0272 5716 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 23:35:52.0288 5716 usbscan - ok 23:35:52.0288 5716 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:35:52.0303 5716 USBSTOR - ok 23:35:52.0319 5716 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 23:35:52.0319 5716 usbuhci - ok 23:35:52.0334 5716 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 23:35:52.0350 5716 vdrvroot - ok 23:35:52.0366 5716 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 23:35:52.0381 5716 vga - ok 23:35:52.0397 5716 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 23:35:52.0428 5716 VgaSave - ok 23:35:52.0428 5716 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 23:35:52.0444 5716 vhdmp - ok 23:35:52.0459 5716 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 23:35:52.0459 5716 viaide - ok 23:35:52.0491 5716 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 23:35:52.0506 5716 vmbus - ok 23:35:52.0522 5716 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 23:35:52.0569 5716 VMBusHID - ok 23:35:52.0584 5716 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 23:35:52.0600 5716 volmgr - ok 23:35:52.0616 5716 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 23:35:52.0616 5716 volmgrx - ok 23:35:52.0631 5716 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 23:35:52.0647 5716 volsnap - ok 23:35:52.0663 5716 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys 23:35:52.0663 5716 vpcbus - ok 23:35:52.0678 5716 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys 23:35:52.0694 5716 vpcnfltr - ok 23:35:52.0709 5716 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys 23:35:52.0709 5716 vpcusb - ok 23:35:52.0725 5716 vpcuxd (63f4e10873beb4124028c6d1a66b0968) C:\Windows\system32\DRIVERS\vpcuxd.sys 23:35:52.0741 5716 vpcuxd - ok 23:35:52.0756 5716 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys 23:35:52.0772 5716 vpcvmm - ok 23:35:52.0788 5716 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 23:35:52.0788 5716 vsmraid - ok 23:35:52.0803 5716 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 23:35:52.0819 5716 vwifibus - ok 23:35:52.0834 5716 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 23:35:52.0834 5716 WacomPen - ok 23:35:52.0850 5716 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:35:52.0881 5716 WANARP - ok 23:35:52.0881 5716 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:35:52.0897 5716 Wanarpv6 - ok 23:35:52.0928 5716 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 23:35:52.0928 5716 Wd - ok 23:35:52.0944 5716 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys 23:35:52.0944 5716 WDC_SAM - ok 23:35:52.0959 5716 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 23:35:52.0975 5716 Wdf01000 - ok 23:35:53.0006 5716 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 23:35:53.0022 5716 WfpLwf - ok 23:35:53.0038 5716 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 23:35:53.0038 5716 WIMMount - ok 23:35:53.0069 5716 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 23:35:53.0084 5716 WinUsb - ok 23:35:53.0084 5716 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 23:35:53.0100 5716 WmiAcpi - ok 23:35:53.0116 5716 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 23:35:53.0147 5716 ws2ifsl - ok 23:35:53.0163 5716 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 23:35:53.0194 5716 WudfPf - ok 23:35:53.0194 5716 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 23:35:53.0225 5716 WUDFRd - ok 23:35:53.0241 5716 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (1870a74ee2901ca09ffbfe79a5ee0e94) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl 23:35:53.0241 5716 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok 23:35:53.0350 5716 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 23:35:53.0850 5716 \Device\Harddisk0\DR0 - ok 23:35:53.0850 5716 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 23:35:53.0866 5716 \Device\Harddisk1\DR1 - ok 23:35:53.0866 5716 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2 23:35:53.0897 5716 \Device\Harddisk2\DR2 - ok 23:35:53.0897 5716 Boot (0x1200) (f69857d7f3642abf55f6fd184713e3df) \Device\Harddisk0\DR0\Partition0 23:35:53.0897 5716 \Device\Harddisk0\DR0\Partition0 - ok 23:35:53.0897 5716 Boot (0x1200) (680a4bb76e237684b92ae6593dc546e0) \Device\Harddisk0\DR0\Partition1 23:35:53.0897 5716 \Device\Harddisk0\DR0\Partition1 - ok 23:35:53.0897 5716 Boot (0x1200) (66c67a03c135113bdf3016fa97c7d11c) \Device\Harddisk0\DR0\Partition2 23:35:53.0897 5716 \Device\Harddisk0\DR0\Partition2 - ok 23:35:53.0897 5716 Boot (0x1200) (34b720c963a42fa1e50e36df239d8bdd) \Device\Harddisk1\DR1\Partition0 23:35:53.0897 5716 \Device\Harddisk1\DR1\Partition0 - ok 23:35:53.0897 5716 Boot (0x1200) (738560f7b9ff8f74bb2e827fb2b1702d) \Device\Harddisk2\DR2\Partition0 23:35:53.0897 5716 \Device\Harddisk2\DR2\Partition0 - ok 23:35:53.0897 5716 ============================================================ 23:35:53.0897 5716 Scan finished 23:35:53.0897 5716 ============================================================ 23:35:54.0413 3644 Deinitialize success ============================================== System Restore Point Check: TDSSKiller Starter Restore Point Created Succesfully ============================================== Older logs ============================================== C:\TDSSStarter\Report_04-03-2012_2319_.log ============================================== EOF ComboFix 12-03-04.01 - Nico 04-03-2012 23:29:44.2.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.6135.4390 [GMT 1:00] Gestart vanuit: c:\users\Nico\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-04 to 2012-03-04 )))))))))))))))))))))))))))))) . . 2012-03-04 22:32 . 2012-03-04 22:32 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-04 22:19 . 2012-03-04 22:19 -------- d-----w- C:\TDSSStarter 2012-03-04 14:36 . 2012-03-04 14:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-04 14:36 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-04 09:26 . 2012-03-04 09:26 388096 ----a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-04 09:26 . 2012-03-04 09:26 -------- d-----w- c:\program files (x86)\Trend Micro 2012-03-04 09:24 . 2012-03-04 09:24 484664 ----a-w- c:\program files\hijackthis-s32-downloader.exe 2012-03-04 08:58 . 2012-03-04 08:58 -------- d-----w- c:\program files (x86)\Common Files\Innovative Solutions 2012-03-04 08:58 . 2009-11-05 15:36 47984 ----a-w- c:\windows\SysWow64\AdvUninstCPL.cpl 2012-03-04 08:57 . 2012-03-04 08:58 -------- d-----w- c:\programdata\Innovative Solutions 2012-03-04 08:41 . 2012-03-04 08:41 -------- d-----w- c:\programdata\PC Tools 2012-03-04 08:41 . 2012-03-04 08:41 -------- d-----w- c:\users\Nico\AppData\Roaming\TestApp 2012-03-04 08:20 . 2012-03-04 08:20 -------- d-----w- c:\programdata\Binarysense 2012-03-04 08:18 . 2012-03-04 08:18 -------- d-----w- c:\program files (x86)\BinarySense 2012-03-04 08:07 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB4B815E-872A-4D17-A182-3BF4DB650E45}\mpengine.dll 2012-02-26 15:22 . 2009-12-07 18:53 117504 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys 2012-02-26 15:22 . 2009-12-07 18:36 246224 ----a-w- c:\windows\system32\drivers\ewusbnet.sys 2012-02-26 15:22 . 2009-10-12 14:23 114304 ----a-w- c:\windows\system32\drivers\ewusbdev.sys 2012-02-26 15:22 . 2007-08-09 03:10 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys 2012-02-26 15:22 . 2012-02-26 15:23 -------- d-----w- c:\program files (x86)\Mobile Partner 2012-02-26 15:11 . 2012-02-26 15:11 -------- d-----w- c:\program files (x86)\Xirrus 2012-02-26 07:18 . 2012-02-26 07:18 -------- d-----w- c:\users\Nico\AppData\Local\MetaGeek,_LLC 2012-02-25 21:33 . 2012-02-25 21:33 -------- d-----w- c:\program files (x86)\MetaGeek 2012-02-24 21:55 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll 2012-02-24 21:55 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll 2012-02-24 21:55 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll 2012-02-24 21:55 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll 2012-02-24 21:55 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll 2012-02-24 21:55 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll 2012-02-20 19:56 . 2012-02-20 19:56 -------- d-----w- c:\users\Nico\AppData\Roaming\CyberLink 2012-02-20 19:55 . 2012-02-20 19:55 -------- d-----w- c:\programdata\PDVD 2012-02-20 19:54 . 2012-02-20 19:57 -------- d-----w- c:\programdata\CyberLink 2012-02-20 19:54 . 2012-02-20 19:54 -------- d-----w- c:\users\Nico\AppData\Local\MediaServer 2012-02-20 19:54 . 2012-02-20 19:54 -------- d-----w- c:\program files (x86)\CyberLink 2012-02-20 19:53 . 2012-02-20 19:54 -------- d-----w- c:\programdata\install_clap 2012-02-19 20:50 . 2012-02-19 20:54 -------- d-----w- c:\users\Nico\AppData\Roaming\TeamViewer 2012-02-19 07:21 . 2012-02-19 07:21 -------- d-----w- c:\users\Nico\AppData\Roaming\Downloaded Installations 2012-02-15 21:04 . 2012-02-15 21:04 -------- d-----w- c:\programdata\4Videosoft Studio 2012-02-15 21:03 . 2012-02-15 21:03 -------- d-----w- c:\program files (x86)\4Videosoft Studio 2012-02-15 20:58 . 2012-02-15 20:58 -------- d-----w- c:\users\Nico\AppData\Roaming\WinAVI 2012-02-15 20:58 . 2012-02-15 20:58 -------- d-----w- c:\users\Nico\AppData\Local\WinAVI 2012-02-15 20:58 . 2012-02-15 21:08 -------- d-----w- c:\program files (x86)\WinAVI 2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\programdata\Nero 2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\program files (x86)\Nero 2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\program files (x86)\Common Files\Ahead 2012-02-15 07:01 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-15 07:01 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-15 07:01 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-15 07:01 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-15 07:01 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 07:01 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 07:01 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 07:01 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-14 16:23 . 2012-02-14 16:23 -------- d-----w- C:\Need4Video files 2012-02-14 16:20 . 2012-02-14 16:20 -------- d-----w- c:\program files (x86)\Need4 Video Converter 9 2012-02-14 15:50 . 2012-02-14 15:50 -------- d-----w- c:\users\Nico\AppData\Local\Western Digital 2012-02-14 11:36 . 2012-02-14 11:36 -------- d-----w- c:\users\Nico\AppData\Roaming\AVS4YOU 2012-02-14 11:32 . 2012-02-14 11:37 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia 2012-02-14 11:32 . 2012-02-14 11:37 -------- d-----w- c:\program files (x86)\AVS4YOU 2012-02-14 11:32 . 2012-02-14 11:36 -------- d-----w- c:\programdata\AVS4YOU 2012-02-14 11:32 . 2011-08-22 15:33 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll 2012-02-14 11:32 . 2011-08-22 15:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll 2012-02-14 11:20 . 2012-02-14 11:22 -------- d-----w- c:\users\Nico\AppData\Local\Ahead 2012-02-14 11:19 . 2012-02-15 21:22 -------- d-----w- c:\users\Nico\AppData\Roaming\Ahead 2012-02-14 11:19 . 2012-02-14 11:19 -------- d-----w- c:\programdata\Ahead 2012-02-11 10:50 . 2012-02-11 10:50 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0D14A808-BD25-41E3-94DF-A603DD648E24}\gapaengine.dll 2012-02-11 10:50 . 2011-12-31 17:55 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-02-09 19:37 . 2012-02-09 19:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-02-09 19:37 . 2012-02-09 19:38 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-02-09 11:10 . 2012-02-09 11:11 -------- d-----w- c:\users\Nico\AppData\Roaming\tiger-k 2012-02-09 11:10 . 2012-02-09 11:10 -------- d-----w- c:\users\Nico\AppData\Roaming\Leawo 2012-02-09 11:08 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll 2012-02-09 11:08 . 2012-02-09 11:08 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack 2012-02-09 11:08 . 2008-10-28 09:10 139264 ----a-w- c:\windows\SysWow64\xvid.ax 2012-02-09 11:08 . 2008-10-08 08:45 606208 ----a-w- c:\windows\SysWow64\xvidcore.dll 2012-02-09 08:41 . 2012-02-09 08:41 -------- d-----w- c:\program files (x86)\Productivity_3.1 2012-02-05 18:59 . 2012-02-05 18:59 -------- d-----w- c:\programdata\InstallShield 2012-02-05 18:59 . 2012-02-05 18:59 -------- d-----w- c:\program files (x86)\Common Files\InstallShield Shared 2012-02-04 11:42 . 2012-02-04 11:42 -------- d-----w- c:\program files (x86)\Alex 2012-02-04 11:35 . 2012-02-04 11:35 -------- d-----w- c:\windows\system32\appmgmt . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-29 06:36 . 2011-12-31 19:09 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-08 07:13 . 2012-01-01 14:25 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-01-31 12:44 . 2011-12-31 16:50 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-01-02 07:56 . 2012-01-02 07:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-01-01 15:36 . 2011-12-31 17:53 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2012-01-01 15:20 . 2012-01-01 15:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2012-01-01 15:20 . 2012-01-01 15:20 882512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-01-01 09:37 . 2012-01-01 09:37 250464 ----a-w- c:\windows\system32\drivers\afcdp.sys 2012-01-01 09:37 . 2012-01-01 09:37 1477152 ----a-w- c:\windows\system32\drivers\tdrpm255.sys 2012-01-01 09:37 . 2012-01-01 09:37 929312 ----a-w- c:\windows\system32\drivers\timntr.sys 2012-01-01 09:37 . 2012-01-01 09:37 254496 ----a-w- c:\windows\system32\drivers\snapman.sys 2011-12-31 18:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-12-31 18:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-12-31 17:54 . 2011-12-31 17:54 53248 ----a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2011-12-31 16:39 . 2011-12-31 16:39 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-12-31 16:39 . 2011-12-31 16:39 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-12-31 16:39 . 2011-12-31 16:39 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2011-12-31 16:39 . 2011-12-31 16:39 85504 ----a-w- c:\windows\system32\iesetup.dll 2011-12-31 16:39 . 2011-12-31 16:39 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2011-12-31 16:39 . 2011-12-31 16:39 76800 ----a-w- c:\windows\system32\tdc.ocx 2011-12-31 16:39 . 2011-12-31 16:39 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2011-12-31 16:39 . 2011-12-31 16:39 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2011-12-31 16:39 . 2011-12-31 16:39 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2011-12-31 16:39 . 2011-12-31 16:39 603648 ----a-w- c:\windows\system32\vbscript.dll 2011-12-31 16:39 . 2011-12-31 16:39 49664 ----a-w- c:\windows\system32\imgutil.dll 2011-12-31 16:39 . 2011-12-31 16:39 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2011-12-31 16:39 . 2011-12-31 16:39 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-12-31 16:39 . 2011-12-31 16:39 448512 ----a-w- c:\windows\system32\html.iec 2011-12-31 16:39 . 2011-12-31 16:39 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2011-12-31 16:39 . 2011-12-31 16:39 367104 ----a-w- c:\windows\SysWow64\html.iec 2011-12-31 16:39 . 2011-12-31 16:39 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2011-12-31 16:39 . 2011-12-31 16:39 30720 ----a-w- c:\windows\system32\licmgr10.dll 2011-12-31 16:39 . 2011-12-31 16:39 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2011-12-31 16:39 . 2011-12-31 16:39 222208 ----a-w- c:\windows\system32\msls31.dll 2011-12-31 16:39 . 2011-12-31 16:39 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2011-12-31 16:39 . 2011-12-31 16:39 165888 ----a-w- c:\windows\system32\iexpress.exe 2011-12-31 16:39 . 2011-12-31 16:39 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2011-12-31 16:39 . 2011-12-31 16:39 160256 ----a-w- c:\windows\system32\wextract.exe 2011-12-31 16:39 . 2011-12-31 16:39 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2011-12-31 16:39 . 2011-12-31 16:39 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2011-12-31 16:39 . 2011-12-31 16:39 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2011-12-31 16:39 . 2011-12-31 16:39 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-12-31 16:39 . 2011-12-31 16:39 12288 ----a-w- c:\windows\system32\mshta.exe 2011-12-31 16:39 . 2011-12-31 16:39 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2011-12-31 16:39 . 2011-12-31 16:39 114176 ----a-w- c:\windows\system32\admparse.dll 2011-12-31 16:39 . 2011-12-31 16:39 111616 ----a-w- c:\windows\system32\iesysprep.dll 2011-12-31 16:39 . 2011-12-31 16:39 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2011-12-31 16:39 . 2011-12-31 16:39 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2011-12-31 15:59 . 2011-12-31 15:59 419840 ----a-w- c:\windows\system32\wrap_oal.dll 2011-12-31 15:59 . 2011-12-31 15:59 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-12-31 15:59 . 2011-12-31 15:59 133632 ----a-w- c:\windows\system32\OpenAL32.dll 2011-12-31 15:59 . 2011-12-31 15:59 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-11-29 14:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-29 3908192] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-31 39408] "DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-03-02 8557464] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-11-13 5075776] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "anysee CNO"="c:\program files (x86)\anysee\Driver\CNO.EXE" [2010-12-08 1273856] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-05-19 234792] . c:\users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ SABnzbd.lnk - c:\program files (x86)\SABnzbd\SABnzbd.exe [2011-12-9 350208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-31 79360] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 vpcuxd;Stubservice voor USB-virtualisatie;c:\windows\system32\DRIVERS\vpcuxd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x] S0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);c:\windows\system32\DRIVERS\tdrpm255.sys [x] S1 AMTBDA_P861F;anysee Capture Service;c:\windows\system32\DRIVERS\anyseeTU.SYS [x] S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/02/20 20:55];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-05-20 14:31 148976] S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-01 2475952] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-05-19 83240] S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-05-12 70952] S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-05-12 312616] S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-05-19 75248] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592] S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x] S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [x] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - 92553294 *Deregistered* - 92553294 . Inhoud van de 'Gedeelde Taken' map . 2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06] . 2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HK
  • Er zit een map PCTools in jouw Windows. Heb je ooit deze beveiligingssoftware gebruikt. Doe nu ook het volgende: [b:c354a7ee2a][url=http://www.eset.com/onlinescan/]de ESET online scan (Klik).[/url][/b:c354a7ee2a] [list:c354a7ee2a] [*:c354a7ee2a]Klik op de knop [b:c354a7ee2a]ESET Online Scanner[/b:c354a7ee2a] [*:c354a7ee2a]Zet een vinkje bij [b:c354a7ee2a]YES, I accept the Terms of Use[/b:c354a7ee2a] [*:c354a7ee2a]Klik op [b:c354a7ee2a]Start[/b:c354a7ee2a] [*:c354a7ee2a]Sta het ActiveX control toe om te installeren. [*:c354a7ee2a]Zet een vinkje bij de volgende opties: [list:c354a7ee2a][*:c354a7ee2a][b:c354a7ee2a]Remove found threats[/b:c354a7ee2a] [*:c354a7ee2a][b:c354a7ee2a]Scan archives[/b:c354a7ee2a][/list:u:c354a7ee2a] [*:c354a7ee2a]Klik vervolgens op [b:c354a7ee2a][color=#0000FF:c354a7ee2a]"Advanced Settings"[/color:c354a7ee2a][/b:c354a7ee2a] [list:c354a7ee2a][*:c354a7ee2a][b:c354a7ee2a]Scan for potentially unwanted applications[/b:c354a7ee2a] [*:c354a7ee2a][b:c354a7ee2a]Scan for potentially unsafe applications[/b:c354a7ee2a] [*:c354a7ee2a][b:c354a7ee2a]Enable Anti-Stealth technology [/b:c354a7ee2a][/list:u:c354a7ee2a] [*:c354a7ee2a]Klik op [b:c354a7ee2a]Start[/b:c354a7ee2a] [*:c354a7ee2a]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld. [*:c354a7ee2a]is de scan klaar, daarna mag jij het venster sluiten omdat de scan klaar is. [*:c354a7ee2a]Ga vervolgens naar C:\Program Files\ESET\ESET Online Scanner en klik daar op log.txt [*:c354a7ee2a]Selekteer, kopieer en plak dan de inhoud van dit log in je volgende bericht.[/list:u:c354a7ee2a] [color=#0000FF:c354a7ee2a][b:c354a7ee2a]N.B.: deaktiveer tijdelijk je eigen antivirus tijdens de scan, dan is de onlinescan sneller![/b:c354a7ee2a][/color:c354a7ee2a]
  • kan die pctools niet vinden hoor. en nee die gebruik ik niet, staat waarschijnlijk ergens op een externe schijf. is in ieder geval niet geinstalleerd voor zover ik kan nagaan.,
  • We gaan dan maar eens zoeken: [b:2fac3ab996]Welk programma[/b:2fac3ab996]: Zoek.exe [b:2fac3ab996]Waarvoor/waarom[/b:2fac3ab996]: multifunktioneel tool [b:2fac3ab996]Moeilijkheidsgraad[/b:2fac3ab996]: geen. [b:2fac3ab996]Download[/b:2fac3ab996]: [url=http://home.kpn.nl/stefsmeenk/zoek.exe][b:2fac3ab996]zoek.exe[/b:2fac3ab996][/url] [b:2fac3ab996]"Zoek.exe" gebruiken[/b:2fac3ab996]: [list:2fac3ab996][*:2fac3ab996] [b:2fac3ab996][color=#0000FF:2fac3ab996]Sluit nu eerst alle nog openstaande programmavensters![/color:2fac3ab996][/b:2fac3ab996] [list:2fac3ab996][*:2fac3ab996][b:2fac3ab996][color=#0000FF:2fac3ab996]Windows 2000[/color:2fac3ab996][/b:2fac3ab996] en [color=#0000FF:2fac3ab996][b:2fac3ab996]Windows XP[/b:2fac3ab996][/color:2fac3ab996]: start het tool middels dubbelklik op "[i:2fac3ab996]Zoek.exe[/i:2fac3ab996]". [*:2fac3ab996][color=#0000FF:2fac3ab996][b:2fac3ab996]Windows Vista[/b:2fac3ab996][/color:2fac3ab996] en [color=#0000FF:2fac3ab996][b:2fac3ab996]Windows 7[/b:2fac3ab996][/color:2fac3ab996]: start het tool middels rechtsklik op "[i:2fac3ab996]Zoek.exe[/i:2fac3ab996]" en dan kiezen voor [i:2fac3ab996][b:2fac3ab996]Als Administrator uitvoeren[/b:2fac3ab996][/i:2fac3ab996].[/list:u:2fac3ab996][/list:u:2fac3ab996] Er start nu een zwart CMD/Opdrachtpromptvenster op. [list:2fac3ab996][*:2fac3ab996]Typ nu in dat venster [b:2fac3ab996]B[/b:2fac3ab996] gevolgd door Enter om "Custom search" te starten. [*:2fac3ab996]Een kladblokdocument met de naam "input.txt" zal nu openen. [*:2fac3ab996]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenster[/list:u:2fac3ab996] [b:2fac3ab996][color=#0000FF:2fac3ab996] PC Tools; [/color:2fac3ab996][/b:2fac3ab996] [list:2fac3ab996][*:2fac3ab996]Wanneer je de blauwe gekleurde tekst in het lege kladblokvenster geplakt hebt, mag je input.txt sluiten, laat de wijzigingen opslaan.[/list:u:2fac3ab996] [img:2fac3ab996]http://www.imgdumper.nl/uploads5/4f4375db0bc34/4f4375db0a8b1-Zoekexe.png[/img:2fac3ab996] [list:2fac3ab996][*:2fac3ab996]Hierna begint de scan te lopen, wacht geduldig tot een log opent en post het resultaat in je volgende bericht.[/list:u:2fac3ab996]
  • ja gevonden, zal ik het maar verwijderen? staat bij programdata
  • Post nu eerst het log van Zoek.exe!
  • Zoek.exe Version 2.0.0.9 Updated 04-March-2012 Tool run by Nico on ma 05-03-2012 at 19:44:16,72. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running from: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5575LC1\zoek.exe ==== Folders Found ====================== 2012-03-04 08:41:03 2012-03-04 08:41:03 -------- d-----w- C:\ProgramData\PC Tools 2012-03-04 08:41:03 2012-03-04 08:41:03 -------- d-----w- C:\Users\All Users\PC Tools ==== Files Found ======================
  • ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5aa199a374dafc498c151a7377bece71 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-03-05 06:47:31 # local_time=2012-03-05 07:47:31 (+0100, West-Europa (standaardtijd)) # country="Netherlands" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 117785 117785 0 0 # compatibility_mode=5893 16776574 100 94 70318 82597237 0 0 # compatibility_mode=8192 67108863 100 0 3794 3794 0 0 # scanned=181772 # found=1 # cleaned=1 # scan_time=5864 F:\Newsleecher Downloads\Advanced Uninstaller PROv1057(2012)-banDulu\Advanced_Uninstaller10.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
  • Het begint er inmiddels goed uit te zien. [b:4561a38ae4]"Zoek.exe van Smeenk" gebruiken[/b:4561a38ae4]: [list:4561a38ae4][*:4561a38ae4] [b:4561a38ae4][color=#0000FF:4561a38ae4]Sluit nu eerst alle nog openstaande programmavensters![/color:4561a38ae4][/b:4561a38ae4] [list:4561a38ae4][*:4561a38ae4][b:4561a38ae4][color=#0000FF:4561a38ae4]Windows 2000[/color:4561a38ae4][/b:4561a38ae4] en [color=#0000FF:4561a38ae4][b:4561a38ae4]Windows XP[/b:4561a38ae4][/color:4561a38ae4]: start het tool middels dubbelklik op "[i:4561a38ae4]Zoek.exe van Smeenk[/i:4561a38ae4]". [*:4561a38ae4][color=#0000FF:4561a38ae4][b:4561a38ae4]Windows Vista[/b:4561a38ae4][/color:4561a38ae4] en [color=#0000FF:4561a38ae4][b:4561a38ae4]Windows 7[/b:4561a38ae4][/color:4561a38ae4]: start het tool middels rechtsklik op "[i:4561a38ae4]Zoek.exe van Smeenk[/i:4561a38ae4]" en dan kiezen voor [i:4561a38ae4][b:4561a38ae4]Als Administrator uitvoeren[/b:4561a38ae4][/i:4561a38ae4].[/list:u:4561a38ae4][/list:u:4561a38ae4] Er start nu een zwart CMD/Opdrachtpromptvenster op. [list:4561a38ae4][*:4561a38ae4]Typ nu in dat venster [b:4561a38ae4]C[/b:4561a38ae4] gevolgd door Enter om "Delete files/folders" te starten. [*:4561a38ae4]Een kladblokdocument met de naam "input.txt" zal nu openen. [*:4561a38ae4]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenster[/list:u:4561a38ae4] [b:4561a38ae4][color=#0000FF:4561a38ae4] C:\ProgramData\PC Tools; C:\Users\All Users\PC Tools; [/color:4561a38ae4][/b:4561a38ae4] [list:4561a38ae4][*:4561a38ae4]Wanneer je de blauwe gekleurde tekst in het lege kladblokvenster geplakt hebt, mag je input.txt sluiten, laat de wijzigingen opslaan.[/list:u:4561a38ae4] [indent][indent][img:4561a38ae4]http://www.imgdumper.nl/uploads5/4f4375db0bc34/4f4375db0a8b1-Zoekexe.png[/img:4561a38ae4][/indent][/indent] [list:4561a38ae4][*:4561a38ae4]Hierna begint de scan te lopen, wacht geduldig tot een log opent en post het resultaat in je volgende bericht. [*:4561a38ae4]Het kan gebeuren dat de computer rebooten moet.[/list:u:4561a38ae4]
  • Zoek.exe Version 2.0.0.9 Updated 04-March-2012 Tool run by Nico on ma 05-03-2012 at 21:17:06,40. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running from: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\388BECAG\zoek.exe ==== Deleting Files \ Folders ====================== "C:\Users\All Users\PC Tools" deleted "C:\Users\All Users\PC Tools\DownloadManager" deleted "C:\Users\All Users\PC Tools\DownloadManager\Security" deleted "C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0" deleted "C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD" deleted "C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRM" deleted "C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRMA" deleted "C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRM\1" deleted "C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRMA\17" delete
  • Hmm PCTools is dus nog niet helemaal verwijdert. Zorg ervoor dat alle openstaande webbrowservensters gesloten zijn. Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:d43c7beefb]Kladblok (of Notepad)[/b:d43c7beefb]". . Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster [b:d43c7beefb][color=#0000FF:d43c7beefb]ClearJavaCache:: Folder:: C:\ProgramData\PC Tools[/color:d43c7beefb][/b:d43c7beefb] Sla dit kladblokbestand op je bureaublad op als [b:d43c7beefb]CFScript.txt[/b:d43c7beefb]. [b:d43c7beefb][color=#FF0000:d43c7beefb]Nu eerst de antivirus deaktiveren![/color:d43c7beefb][/b:d43c7beefb] Sleep CFScript.txt in ComboFix.exe [img:d43c7beefb]http://crew.nucia.eu/smeenk/CFScript.gif[/img:d43c7beefb] Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt. Post het Combofix log dat na het opnieuw starten wordt getoond! Ingeval Combofix je computer opnieuw heeft opgestart (of jij dat hebt gedaan), vindt je het log ook in [b:d43c7beefb]C:\Combofix.txt[/b:d43c7beefb] [b:d43c7beefb]Belangrijke opmerking[/b:d43c7beefb]: [list:d43c7beefb][*:d43c7beefb][b:d43c7beefb][color=Red:d43c7beefb]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:d43c7beefb][/b:d43c7beefb] [*:d43c7beefb][b:d43c7beefb][color=blue:d43c7beefb]Illegal operation attempted on a registery key that has been marked for deletion.[/color:d43c7beefb][/b:d43c7beefb] [*:d43c7beefb][b:d43c7beefb][color=Red:d43c7beefb]Start dan de computer opnieuw op.[/color:d43c7beefb][/b:d43c7beefb][/list:u:d43c7beefb]
  • ComboFix 12-03-04.01 - Nico 06-03-2012 16:30:31.3.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.6135.4477 [GMT 1:00] Gestart vanuit: c:\users\Nico\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Nico\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-06 to 2012-03-06 )))))))))))))))))))))))))))))) . . 2012-03-06 15:33 . 2012-03-06 15:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-05 20:33 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38F93891-5235-468D-A92A-53D48EF295AE}\mpengine.dll 2012-03-05 18:44 . 2012-03-05 18:44 -------- d-----w- c:\users\Nico\AppData\Roaming\Gena01 2012-03-05 18:11 . 2012-03-05 18:11 -------- d-----w- c:\users\Nico\AppData\Local\CyberLink 2012-03-05 17:06 . 2012-03-05 17:06 -------- d-----w- c:\program files (x86)\ESET 2012-03-04 22:19 . 2012-03-04 22:35 -------- d-----w- C:\TDSSStarter 2012-03-04 14:36 . 2012-03-04 14:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-04 14:36 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-04 09:26 . 2012-03-04 09:26 388096 ----a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-04 09:26 . 2012-03-04 09:26 -------- d-----w- c:\program files (x86)\Trend Micro 2012-03-04 09:24 . 2012-03-04 09:24 484664 ----a-w- c:\program files\hijackthis-s32-downloader.exe 2012-03-04 08:58 . 2012-03-04 08:58 -------- d-----w- c:\program files (x86)\Common Files\Innovative Solutions 2012-03-04 08:58 . 2009-11-05 15:36 47984 ----a-w- c:\windows\SysWow64\AdvUninstCPL.cpl 2012-03-04 08:57 . 2012-03-04 08:58 -------- d-----w- c:\programdata\Innovative Solutions 2012-03-04 08:41 . 2012-03-04 08:41 -------- d-----w- c:\users\Nico\AppData\Roaming\TestApp 2012-03-04 08:20 . 2012-03-04 08:20 -------- d-----w- c:\programdata\Binarysense 2012-03-04 08:18 . 2012-03-04 08:18 -------- d-----w- c:\program files (x86)\BinarySense 2012-02-26 15:22 . 2009-12-07 18:53 117504 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys 2012-02-26 15:22 . 2009-12-07 18:36 246224 ----a-w- c:\windows\system32\drivers\ewusbnet.sys 2012-02-26 15:22 . 2009-10-12 14:23 114304 ----a-w- c:\windows\system32\drivers\ewusbdev.sys 2012-02-26 15:22 . 2007-08-09 03:10 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys 2012-02-26 15:22 . 2012-02-26 15:23 -------- d-----w- c:\program files (x86)\Mobile Partner 2012-02-26 15:11 . 2012-02-26 15:11 -------- d-----w- c:\program files (x86)\Xirrus 2012-02-26 07:18 . 2012-02-26 07:18 -------- d-----w- c:\users\Nico\AppData\Local\MetaGeek,_LLC 2012-02-25 21:33 . 2012-02-25 21:33 -------- d-----w- c:\program files (x86)\MetaGeek 2012-02-24 21:55 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll 2012-02-24 21:55 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll 2012-02-24 21:55 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll 2012-02-24 21:55 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll 2012-02-24 21:55 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll 2012-02-24 21:55 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll 2012-02-24 21:55 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll 2012-02-20 19:56 . 2012-02-20 19:56 -------- d-----w- c:\users\Nico\AppData\Roaming\CyberLink 2012-02-20 19:55 . 2012-02-20 19:55 -------- d-----w- c:\programdata\PDVD 2012-02-20 19:54 . 2012-02-20 19:57 -------- d-----w- c:\programdata\CyberLink 2012-02-20 19:54 . 2012-02-20 19:54 -------- d-----w- c:\users\Nico\AppData\Local\MediaServer 2012-02-20 19:54 . 2012-02-20 19:54 -------- d-----w- c:\program files (x86)\CyberLink 2012-02-20 19:53 . 2012-02-20 19:54 -------- d-----w- c:\programdata\install_clap 2012-02-19 20:50 . 2012-02-19 20:54 -------- d-----w- c:\users\Nico\AppData\Roaming\TeamViewer 2012-02-19 07:21 . 2012-02-19 07:21 -------- d-----w- c:\users\Nico\AppData\Roaming\Downloaded Installations 2012-02-15 21:04 . 2012-02-15 21:04 -------- d-----w- c:\programdata\4Videosoft Studio 2012-02-15 21:03 . 2012-02-15 21:03 -------- d-----w- c:\program files (x86)\4Videosoft Studio 2012-02-15 20:58 . 2012-02-15 20:58 -------- d-----w- c:\users\Nico\AppData\Roaming\WinAVI 2012-02-15 20:58 . 2012-02-15 20:58 -------- d-----w- c:\users\Nico\AppData\Local\WinAVI 2012-02-15 20:58 . 2012-02-15 21:08 -------- d-----w- c:\program files (x86)\WinAVI 2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\programdata\Nero 2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\program files (x86)\Nero 2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\program files (x86)\Common Files\Ahead 2012-02-15 07:01 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-15 07:01 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-15 07:01 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-15 07:01 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-15 07:01 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 07:01 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 07:01 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 07:01 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-14 16:23 . 2012-02-14 16:23 -------- d-----w- C:\Need4Video files 2012-02-14 16:20 . 2012-02-14 16:20 -------- d-----w- c:\program files (x86)\Need4 Video Converter 9 2012-02-14 15:50 . 2012-02-14 15:50 -------- d-----w- c:\users\Nico\AppData\Local\Western Digital 2012-02-14 11:36 . 2012-02-14 11:36 -------- d-----w- c:\users\Nico\AppData\Roaming\AVS4YOU 2012-02-14 11:32 . 2012-02-14 11:37 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia 2012-02-14 11:32 . 2012-02-14 11:37 -------- d-----w- c:\program files (x86)\AVS4YOU 2012-02-14 11:32 . 2012-02-14 11:36 -------- d-----w- c:\programdata\AVS4YOU 2012-02-14 11:32 . 2011-08-22 15:33 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll 2012-02-14 11:32 . 2011-08-22 15:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll 2012-02-14 11:20 . 2012-02-14 11:22 -------- d-----w- c:\users\Nico\AppData\Local\Ahead 2012-02-14 11:19 . 2012-03-05 19:20 -------- d-----w- c:\users\Nico\AppData\Roaming\Ahead 2012-02-14 11:19 . 2012-02-14 11:19 -------- d-----w- c:\programdata\Ahead 2012-02-11 10:50 . 2012-02-11 10:50 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0D14A808-BD25-41E3-94DF-A603DD648E24}\gapaengine.dll 2012-02-11 10:50 . 2011-12-31 17:55 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-02-09 19:37 . 2012-02-09 19:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-02-09 19:37 . 2012-02-09 19:38 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-02-09 11:10 . 2012-02-09 11:11 -------- d-----w- c:\users\Nico\AppData\Roaming\tiger-k 2012-02-09 11:10 . 2012-02-09 11:10 -------- d-----w- c:\users\Nico\AppData\Roaming\Leawo 2012-02-09 11:08 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll 2012-02-09 11:08 . 2012-02-09 11:08 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack 2012-02-09 11:08 . 2008-10-28 09:10 139264 ----a-w- c:\windows\SysWow64\xvid.ax 2012-02-09 11:08 . 2008-10-08 08:45 606208 ----a-w- c:\windows\SysWow64\xvidcore.dll 2012-02-09 08:41 . 2012-02-09 08:41 -------- d-----w- c:\program files (x86)\Productivity_3.1 2012-02-05 18:59 . 2012-02-05 18:59 -------- d-----w- c:\programdata\InstallShield 2012-02-05 18:59 . 2012-02-05 18:59 -------- d-----w- c:\program files (x86)\Common Files\InstallShield Shared . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-29 06:36 . 2011-12-31 19:09 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-08 07:13 . 2012-01-01 14:25 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-01-31 12:44 . 2011-12-31 16:50 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-01-02 07:56 . 2012-01-02 07:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-01-01 15:36 . 2011-12-31 17:53 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2012-01-01 15:20 . 2012-01-01 15:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2012-01-01 15:20 . 2012-01-01 15:20 882512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-01-01 09:37 . 2012-01-01 09:37 250464 ----a-w- c:\windows\system32\drivers\afcdp.sys 2012-01-01 09:37 . 2012-01-01 09:37 1477152 ----a-w- c:\windows\system32\drivers\tdrpm255.sys 2012-01-01 09:37 . 2012-01-01 09:37 929312 ----a-w- c:\windows\system32\drivers\timntr.sys 2012-01-01 09:37 . 2012-01-01 09:37 254496 ----a-w- c:\windows\system32\drivers\snapman.sys 2011-12-31 18:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-12-31 18:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-12-31 17:54 . 2011-12-31 17:54 53248 ----a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2011-12-31 16:39 . 2011-12-31 16:39 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-12-31 16:39 . 2011-12-31 16:39 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-12-31 16:39 . 2011-12-31 16:39 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2011-12-31 16:39 . 2011-12-31 16:39 85504 ----a-w- c:\windows\system32\iesetup.dll 2011-12-31 16:39 . 2011-12-31 16:39 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2011-12-31 16:39 . 2011-12-31 16:39 76800 ----a-w- c:\windows\system32\tdc.ocx 2011-12-31 16:39 . 2011-12-31 16:39 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2011-12-31 16:39 . 2011-12-31 16:39 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2011-12-31 16:39 . 2011-12-31 16:39 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2011-12-31 16:39 . 2011-12-31 16:39 603648 ----a-w- c:\windows\system32\vbscript.dll 2011-12-31 16:39 . 2011-12-31 16:39 49664 ----a-w- c:\windows\system32\imgutil.dll 2011-12-31 16:39 . 2011-12-31 16:39 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2011-12-31 16:39 . 2011-12-31 16:39 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-12-31 16:39 . 2011-12-31 16:39 448512 ----a-w- c:\windows\system32\html.iec 2011-12-31 16:39 . 2011-12-31 16:39 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2011-12-31 16:39 . 2011-12-31 16:39 367104 ----a-w- c:\windows\SysWow64\html.iec 2011-12-31 16:39 . 2011-12-31 16:39 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2011-12-31 16:39 . 2011-12-31 16:39 30720 ----a-w- c:\windows\system32\licmgr10.dll 2011-12-31 16:39 . 2011-12-31 16:39 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2011-12-31 16:39 . 2011-12-31 16:39 222208 ----a-w- c:\windows\system32\msls31.dll 2011-12-31 16:39 . 2011-12-31 16:39 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2011-12-31 16:39 . 2011-12-31 16:39 165888 ----a-w- c:\windows\system32\iexpress.exe 2011-12-31 16:39 . 2011-12-31 16:39 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2011-12-31 16:39 . 2011-12-31 16:39 160256 ----a-w- c:\windows\system32\wextract.exe 2011-12-31 16:39 . 2011-12-31 16:39 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2011-12-31 16:39 . 2011-12-31 16:39 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2011-12-31 16:39 . 2011-12-31 16:39 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2011-12-31 16:39 . 2011-12-31 16:39 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-12-31 16:39 . 2011-12-31 16:39 12288 ----a-w- c:\windows\system32\mshta.exe 2011-12-31 16:39 . 2011-12-31 16:39 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2011-12-31 16:39 . 2011-12-31 16:39 114176 ----a-w- c:\windows\system32\admparse.dll 2011-12-31 16:39 . 2011-12-31 16:39 111616 ----a-w- c:\windows\system32\iesysprep.dll 2011-12-31 16:39 . 2011-12-31 16:39 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2011-12-31 16:39 . 2011-12-31 16:39 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2011-12-31 15:59 . 2011-12-31 15:59 419840 ----a-w- c:\windows\system32\wrap_oal.dll 2011-12-31 15:59 . 2011-12-31 15:59 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-12-31 15:59 . 2011-12-31 15:59 133632 ----a-w- c:\windows\system32\OpenAL32.dll 2011-12-31 15:59 . 2011-12-31 15:59 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-03-04_22.27.08 ))))))))))))))))))))))))))))))))))))))))) . + 2011-12-31 16:20 . 2012-03-06 15:04 46158 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-03-06 15:04 32520 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2011-12-31 16:00 . 2012-03-04 20:46 5808 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1109764070-618117929-3508857997-1001_UserData.bin + 2011-12-31 16:00 . 2012-03-06 15:04 5808 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1109764070-618117929-3508857997-1001_UserData.bin - 2012-03-04 20:45 . 2012-03-04 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-06 15:02 . 2012-03-06 15:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-04 20:45 . 2012-03-04 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-03-06 15:02 . 2012-03-06 15:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-14 09:16 . 2012-03-06 15:08 708176 c:\windows\system32\perfh013.dat - 2009-07-14 09:16 . 2012-03-04 20:52 708176 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-03-06 15:08 621352 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2012-03-04 20:52 621352 c:\windows\system32\perfh009.dat + 2009-07-14 09:16 . 2012-03-06 15:08 136066 c:\windows\system32\perfc013.dat - 2009-07-14 09:16 . 2012-03-04 20:52 136066 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2012-03-06 15:08 108572 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-03-04 20:52 108572 c:\windows\system32\perfc009.dat + 2009-07-14 04:46 . 2012-03-05 16:55 107952 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2009-07-14 05:01 . 2012-03-04 20:44 392092 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-03-06 09:11 392092 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-12-31 17:57 . 2012-03-06 09:11 32119890 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1109764070-618117929-3508857997-1001-12288.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-11-29 14:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-29 3908192] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-31 39408] "DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-03-02 8557464] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-11-13 5075776] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "anysee CNO"="c:\program files (x86)\anysee\Driver\CNO.EXE" [2010-12-08 1273856] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-05-19 234792] . c:\users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ SABnzbd.lnk - c:\program files (x86)\SABnzbd\SABnzbd.exe [2011-12-9 350208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-31 79360] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 vpcuxd;Stubservice voor USB-virtualisatie;c:\windows\system32\DRIVERS\vpcuxd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x] S0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);c:\windows\system32\DRIVERS\tdrpm255.sys [x] S1 AMTBDA_P861F;anysee Capture Service;c:\windows\system32\DRIVERS\anyseeTU.SYS [x] S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/02/20 20:55];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-05-20 14:31 148976] S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-01 2475952] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-05-19 83240] S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-05-12 70952] S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-05-12 312616] S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-05-19 75248] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592] S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x] S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [x] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06] . 2012-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "Acronis Scheduler2Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-11-13 357304] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.symbaloo.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Geselecteerde koppelingen converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Selectie converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Selectie converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html TCP: DhcpNameServer = 192.168.178.1 . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.032" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.abr" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.ani" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.arw" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.bay" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.bmp" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.bw" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.cr2" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.crw" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.cs1" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.cur" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.dcr" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.dcx" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.dib" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.djv" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.djvu" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.dng" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.emf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.eps" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.erf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.fff" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.fpx" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.gif" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.hdr" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.icl" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.icn" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.iff" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.ilbm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.int" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.inta" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.iw4" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.j2c" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.j2k" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jbr" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jfif" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jif" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jp2" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jpc" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jpe" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jpeg" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jpg" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jpk" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.jpx" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.kdc" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.lbm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.mef" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.mos" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.mrw" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.nef" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.orf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pbm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pbr" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pcd" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pct" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pcx" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pef" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pgm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pic" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pict" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pix" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.png" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.ppm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.psd" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.psp" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pspbrush" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.pspimage" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.raf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.ras" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.raw" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.rgb" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.rgba" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.rle" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.rsb" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.sgi" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.sr2" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.srf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.tga" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.thm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.tif" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.tiff" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.ttc" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.ttf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.v11o" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.v11p" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.v11pf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.wbm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.wbmp" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.wmf" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.xbm" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.xif" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.xmp" . [HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 2009.xpm" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-03-06 16:34:55 ComboFix-quarantined-files.txt 2012-03-06 15:34 ComboFix2.txt 2012-03-04 22:33 ComboFix3.txt 2012-03-04 22:28 . Pre-Run: 77.815.324.672 bytes beschikbaar Post-Run: 78.439.641.088 bytes beschikbaar . - - End Of File - - 39891E75B8F1BA6873B258A1EB84CF67
  • Ga het volgende doen: [b:9913b2176d][url=http://www.eset.com/onlinescan/]de ESET online scan (Klik).[/url][/b:9913b2176d] [list:9913b2176d] [*:9913b2176d]Klik op de knop [b:9913b2176d]ESET Online Scanner[/b:9913b2176d] [*:9913b2176d]Zet een vinkje bij [b:9913b2176d]YES, I accept the Terms of Use[/b:9913b2176d] [*:9913b2176d]Klik op [b:9913b2176d]Start[/b:9913b2176d] [*:9913b2176d]Sta het ActiveX control toe om te installeren. [*:9913b2176d]Zet een vinkje bij de volgende opties: [list:9913b2176d][*:9913b2176d][b:9913b2176d]Remove found threats[/b:9913b2176d] [*:9913b2176d][b:9913b2176d]Scan archives[/b:9913b2176d][/list:u:9913b2176d] [*:9913b2176d]Klik vervolgens op [b:9913b2176d][color=#0000FF:9913b2176d]"Advanced Settings"[/color:9913b2176d][/b:9913b2176d] [list:9913b2176d][*:9913b2176d][b:9913b2176d]Scan for potentially unwanted applications[/b:9913b2176d] [*:9913b2176d][b:9913b2176d]Scan for potentially unsafe applications[/b:9913b2176d] [*:9913b2176d][b:9913b2176d]Enable Anti-Stealth technology [/b:9913b2176d][/list:u:9913b2176d] [*:9913b2176d]Klik op [b:9913b2176d]Start[/b:9913b2176d] [*:9913b2176d]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld. [*:9913b2176d]is de scan klaar, daarna mag jij het venster sluiten omdat de scan klaar is. [*:9913b2176d]Ga vervolgens naar C:\Program Files\ESET\ESET Online Scanner en klik daar op log.txt [*:9913b2176d]Selekteer, kopieer en plak dan de inhoud van dit log in je volgende bericht.[/list:u:9913b2176d] [color=#0000FF:9913b2176d][b:9913b2176d]N.B.: deaktiveer tijdelijk je eigen antivirus tijdens de scan, dan is de onlinescan sneller![/b:9913b2176d][/color:9913b2176d]
  • ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5aa199a374dafc498c151a7377bece71 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-03-05 06:47:31 # local_time=2012-03-05 07:47:31 (+0100, West-Europa (standaardtijd)) # country="Netherlands" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 117785 117785 0 0 # compatibility_mode=5893 16776574 100 94 70318 82597237 0 0 # compatibility_mode=8192 67108863 100 0 3794 3794 0 0 # scanned=181772 # found=1 # cleaned=1 # scan_time=5864 F:\Newsleecher Downloads\Advanced Uninstaller PROv1057(2012)-banDulu\Advanced_Uninstaller10.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=5aa199a374dafc498c151a7377bece71 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-03-06 10:12:17 # local_time=2012-03-06 11:12:17 (+0100, West-Europa (standaardtijd)) # country="Netherlands" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 217658 217658 0 0 # compatibility_mode=5893 16776574 100 94 170191 82697110 0 0 # compatibility_mode=8192 67108863 100 0 103667 103667 0 0 # scanned=184523 # found=0 # cleaned=0 # scan_time=4676
  • blijf last van isearch houden als ik een zoekopdracht geef, redelijk irritant. vriendelijk verzoek om het logje van hijack this te bekijken en aan te geven wat ik veilig kan verwijderen. dank alvast Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:28:36, on 4-3-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\SABnzbd\SABnzbd.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\anysee\Driver\CNO.exe C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe C:\PROGRA~2\MICROS~3\Office12\OUTLOOK.EXE C:\Program Files (x86)\Spotnet\Spotnet.exe C:\Program Files (x86)\Spotnet\SABnzbd.exe F:\Newsleecher Downloads\Advanced Uninstaller PROv1057(2012)-banDulu\crck\Monitor.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={1EFD50B3-2E9B-46E0-80B2-6D099AB91773}&mid=3166752f6b8047d19e719128c0e116f6-86d575b5e754d087a77665dfbc778dde796ffc3c&lang=en&ds=ft011&pr=sa&d=2012-03-04 10:26:35&v=10.0.0.7&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [anysee CNO] C:\Program Files (x86)\anysee\Driver\CNO.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: SABnzbd.lnk = C:\Program Files (x86)\SABnzbd\SABnzbd.exe O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13821 bytes

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.