Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Ook ,jordan bestand op desktop

None
23 antwoorden
  • Op mijn laptop stond het bestand .jordan.
    Volledig verwijderd met hulp van Abraham54.

    Voor de zekerheid ook gezocht op mijn desktop: blijkt dat het bestand hier ook in staat en wel in Administrator C:\documents and settings.
    Het bestand is niet zichtbaar in Windows verkenner.

    Wat te doen?[b:1c2e8330ee][/b:1c2e8330ee]
  • Je hebt nu die map op je bureaublad staan dus.
    Is die map te openen?

    Vreemde zaak.

    Begin hiermee:

    [b:bc3f2958b9]Download LopSD of LOPSD naar je Bureaublad.[/b:bc3f2958b9]
    [list:bc3f2958b9][*:bc3f2958b9] [b:bc3f2958b9]De-activeer bij dit tooltje je antispyware en virusscanner.[/b:bc3f2958b9]
    [list:bc3f2958b9][*:bc3f2958b9][b:bc3f2958b9]Vista- en Windows 7 gebruikers: rechtsklik op LopSD en kies voor "Als Administrator uitvoeren"![/list:u:bc3f2958b9]
    [*:bc3f2958b9] Kies Optie N en Enter
    [*:bc3f2958b9] Klik OK bij het informatie venter
    [*:bc3f2958b9] Kies Optie 2 en Enter
    [*:bc3f2958b9] Aan het eind verschijnt een log ( LopR.txt ) plaats de inhoud ervan in je volgende antwoord[/b:bc3f2958b9][/list:u:bc3f2958b9]
  • Het bestand staat niet op het bureaublad maar in Administrator C:\Documents and settings.
    Het bestand is echter niet zichtbaar maar ik vond het bestand via de zoekfunctie.
    Het bestand is ook niet zichtbaar als ik alle bestanden en systeembestanden laat weergeven.
    Hieronder het log:


    ——————–\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 1700MHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 XP2
    USER : Administrator ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! Antivirus 5.0.100664585 (Not Activated)
    Firewall : PC Tools Firewall Plus 7.0.0 (Not Activated)
    A:\ (USB)
    C:\ (Local Disk) - FAT32 - Total:19 Go (Free:7 Go)
    D:\ (Local Disk) - FAT32 - Total:37 Go (Free:24 Go)
    E:\ (USB)
    F:\ (CD or DVD)
    G:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( vr 07-10-2011|10:50 )





    ——————–\\ Beschrijving van mappen in APPLIC~1

    [17-05-2009|21:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [18-02-2005|14:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
    [4|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

    [28-08-2009|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [18-09-2011|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVAST Software
    [24-10-2009|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
    [12-02-2010|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [09-01-2009|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [11-10-2008|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hema Album Software Advanced
    [31-10-2010|08:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
    [17-12-2009|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [01-03-2011|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [18-02-2005|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [12-09-2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Corporation
    [21-02-2005|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [20-05-2005|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1
    View_Profiles
    [30-03-2005|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01-01-2010|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Registry Gear
    [25-09-2010|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
    [18-02-2005|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
    [03-08-2008|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [06-11-2010|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [27-07-2005|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
    [22|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

    [18-02-2005|14:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
    [3|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar

    [18-02-2005|14:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
    [3|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

    [22-02-2005|16:59] C:\DOCUME~1\JOSHOL~1\APPLIC~1\Adobe
    [22-02-2005|16:59] C:\DOCUME~1\JOSHOL~1\APPLIC~1\AdobeUM
    [18-02-2005|14:40] C:\DOCUME~1\JOSHOL~1\APPLIC~1\Identities
    [20-02-2005|10:19] C:\DOCUME~1\JOSHOL~1\APPLIC~1\Macromedia
    [18-02-2005|14:21] C:\DOCUME~1\JOSHOL~1\APPLIC~1\Microsoft
    [21-02-2005|22:37] C:\DOCUME~1\JOSHOL~1\APPLIC~1\MSN6
    [0|bestand(en)] C:\DOCUME~1\JOSHOL~1\APPLIC~1\bytes
    [8|map(pen)] C:\DOCUME~1\JOSHOL~1\APPLIC~1\bytes beschikbaar

    [24-02-2005|09:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [24-02-2005|09:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
    [12-12-2010|16:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Auslogics
    [21-11-2008|14:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\AutoSizer
    [09-02-2006|06:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Desktop Sidebar
    [29-06-2005|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
    [26-06-2005|21:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
    [24-02-2005|08:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [24-02-2005|08:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [31-10-2010|08:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\MAGIX
    [31-05-2008|16:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
    [18-09-2006|11:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
    [18-02-2005|14:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [29-06-2005|11:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Games
    [06-11-2010|16:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
    [21-09-2011|08:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\PCToolsFirewallPlus
    [26-02-2005|09:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
    [06-11-2010|16:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\TomTom
    [14-10-2008|19:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Uniblue
    [30-01-2011|10:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search
    [30-01-2011|15:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Search
    [0|bestand(en)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes
    [23|map(pen)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar

    ——————–\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks

    [07-10-2011 10:28][–a——] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [07-10-2011 10:28][–a——] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [07-10-2011 10:53][–a——] C:\WINDOWS\tasks\Google Software Updater.job
    [16-09-2011 16:00][–ah—–] C:\WINDOWS\tasks\{35C9FC60-5B53-429A-A682-980BF67FE179}_DESKTOP_Administrator.job
    [22-09-2011 16:00][–ah—–] C:\WINDOWS\tasks\{02AA7507-4030-4389-9A16-BF1773F7748B}_DESKTOP_Administrator.job
    [07-10-2011 09:00][–ah—–] C:\WINDOWS\tasks\{A4261029-491F-408E-9B24-1CBDDA8068FA}_DESKTOP_Administrator.job
    [06-10-2011 16:26][–ah—–] C:\WINDOWS\tasks\SA.DAT
    [07-09-2001 13:00][-r-h—–] C:\WINDOWS\tasks\desktop.ini

    ——————–\\ Beschrijving van mappen in C:\Program Files

    [24-05-2010|20:36] C:\Program Files\7-Zip
    [22-02-2005|16:58] C:\Program Files\Adobe
    [01-03-2011|17:10] C:\Program Files\Argente - Registry Cleaner
    [24-04-2011|16:01] C:\Program Files\Auslogics
    [24-02-2005|09:26] C:\Program Files\AutoSizer
    [18-09-2011|15:22] C:\Program Files\AVAST Software
    [28-12-2007|14:09] C:\Program Files\Borland
    [10-06-2011|21:56] C:\Program Files\CCleaner
    [18-02-2005|14:22] C:\Program Files\Common Files
    [28-12-2007|14:22] C:\Program Files\ComPlus Applications
    [09-02-2006|06:19] C:\Program Files\Desktop Sidebar
    [21-09-2011|12:28] C:\Program Files\EMET
    [19-11-2009|14:33] C:\Program Files\GLS
    [20-12-2008|11:35] C:\Program Files\Google
    [05-12-2006|21:34] C:\Program Files\Hema Album Software Advanced
    [22-02-2005|16:00] C:\Program Files\InstallShield Installation Information
    [28-12-2007|14:21] C:\Program Files\InterBase Corp
    [18-02-2005|14:32] C:\Program Files\Internet Explorer
    [22-02-2009|15:42] C:\Program Files\Java
    [24-02-2005|11:30] C:\Program Files\Logitech
    [22-09-2011|19:43] C:\Program Files\Malwarebytes' Anti-Malware
    [26-02-2005|10:33] C:\Program Files\messenger
    [29-06-2005|10:19] C:\Program Files\Microsoft AntiSpyware
    [18-02-2005|14:35] C:\Program Files\microsoft frontpage
    [19-02-2005|17:04] C:\Program Files\Microsoft Office
    [18-02-2005|14:33] C:\Program Files\Movie Maker
    [23-09-2011|17:32] C:\Program Files\Mozilla Firefox
    [01-02-2011|11:44] C:\Program Files\MSBuild
    [26-03-2011|15:12] C:\Program Files\MSECache
    [18-02-2005|14:30] C:\Program Files\MSN Gaming Zone
    [15-11-2006|08:07] C:\Program Files\MSXML 4.0
    [18-02-2005|14:32] C:\Program Files\NetMeeting
    [20-06-2005|13:26] C:\Program Files\OfficeUpdate11
    [18-02-2005|14:31] C:\Program Files\Online Services
    [18-02-2005|14:32] C:\Program Files\Outlook Express
    [21-09-2011|08:08] C:\Program Files\PC Tools Firewall Plus
    [30-03-2005|12:15] C:\Program Files\QuickTime
    [01-02-2011|11:43] C:\Program Files\Reference Assemblies
    [01-03-2011|09:12] C:\Program Files\Secunia
    [05-05-2009|17:38] C:\Program Files\StatNeth
    [18-02-2005|15:42] C:\Program Files\support.com
    [01-04-2005|06:13] C:\Program Files\Teletekstbrowser
    [06-11-2010|16:03] C:\Program Files\TomTom HOME 2
    [06-11-2010|16:03] C:\Program Files\TomTom International B.V
    [02-12-2010|17:58] C:\Program Files\Trend Micro
    [18-02-2005|14:40] C:\Program Files\Uninstall Information
    [06-12-2006|14:24] C:\Program Files\Windows Defender
    [30-01-2011|10:29] C:\Program Files\Windows Desktop Search
    [14-12-2005|08:44] C:\Program Files\Windows Live Safety Center
    [18-02-2005|14:32] C:\Program Files\Windows Media Player
    [18-02-2005|14:30] C:\Program Files\Windows NT
    [18-02-2005|14:31] C:\Program Files\WindowsUpdate
    [18-02-2005|14:35] C:\Program Files\xerox
    [0|bestand(en)] C:\Program Files\bytes
    [55|map(pen)] C:\Program Files\bytes beschikbaar

    ——————–\\ Beschrijving van mappen in C:\Program Files\Common Files

    [22-02-2005|16:55] C:\Program Files\Common Files\Adobe
    [28-12-2007|14:09] C:\Program Files\Common Files\Borland Shared
    [19-02-2005|17:04] C:\Program Files\Common Files\Designer
    [22-02-2005|16:00] C:\Program Files\Common Files\InstallShield
    [22-09-2011|19:21] C:\Program Files\Common Files\Java
    [24-02-2005|11:30] C:\Program Files\Common Files\Logitech
    [31-10-2010|08:28] C:\Program Files\Common Files\MAGIX Services
    [18-02-2005|14:22] C:\Program Files\Common Files\Microsoft Shared
    [18-02-2005|14:32] C:\Program Files\Common Files\MSSoap
    [18-02-2005|14:22] C:\Program Files\Common Files\ODBC
    [21-09-2011|08:08] C:\Program Files\Common Files\PC Tools
    [18-02-2005|14:32] C:\Program Files\Common Files\Services
    [18-02-2005|14:22] C:\Program Files\Common Files\SpeechEngines
    [18-02-2005|14:32] C:\Program Files\Common Files\System
    [0|bestand(en)] C:\Program Files\Common Files\bytes
    [16|map(pen)] C:\Program Files\Common Files\bytes beschikbaar

    ——————–\\ Process

    ( 41 Processes )

    … OK !

    ——————–\\ Zoeken met S_Lop

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken naar Lop Bestanden - Mappen

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken doorheen het Register

    ….. OK !

    ——————–\\ Nazicht van het Hosts bestand

    Hosts bestand IN ORDE


    ——————–\\ Zoeken naar verborgen bestanden met Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-10-07 10:58:44
    Windows 5.1.2600 Service Pack 3 FAT NTAPI
    scanning hidden processes …
    scanning hidden files …
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    ——————–\\ Zoeken naar andere infecties


    Geen andere infecties gevonden !

    [F:25][D:11]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    [F:6][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
    [F:31][D:4]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5
    [F:2][D:0]-> C:\Recycled

    1 - "C:\Lop SD\LopR_1.txt" - vr 07-10-2011|11:00 - Option : [2]

    ——————–\\ Scan voltooid om 11:00:15
  • Goed zo.

    We gaan nu toch eerst kijken of er mogelijk een rootkit aktief is?

  • Hierbij de logs:

    12:02:25.0403 2172 TDSS rootkit removing tool 2.6.5.0 Oct 5 2011 20:52:46
    12:02:27.0406 2172 ============================================================
    12:02:27.0406 2172 Current date / time: 2011/10/07 12:02:27.0406
    12:02:27.0406 2172 SystemInfo:
    12:02:27.0406 2172
    12:02:27.0406 2172 OS Version: 5.1.2600 ServicePack: 3.0
    12:02:27.0406 2172 Product type: Workstation
    12:02:27.0406 2172 ComputerName: DESKTOP
    12:02:27.0406 2172 UserName: Administrator
    12:02:27.0406 2172 Windows directory: C:\WINDOWS
    12:02:27.0406 2172 System windows directory: C:\WINDOWS
    12:02:27.0406 2172 Processor architecture: Intel x86
    12:02:27.0406 2172 Number of processors: 1
    12:02:27.0406 2172 Page size: 0x1000
    12:02:27.0406 2172 Boot type: Normal boot
    12:02:27.0406 2172 ============================================================
    12:02:32.0393 2172 Initialize success
    12:02:58.0921 1460 ============================================================
    12:02:58.0921 1460 Scan started
    12:02:58.0921 1460 Mode: Manual;
    12:02:58.0921 1460 ============================================================
    12:02:59.0102 1460 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
    12:02:59.0102 1460 Aavmker4 - ok
    12:02:59.0312 1460 Abiosdsk - ok
    12:02:59.0512 1460 abp480n5 - ok
    12:02:59.0562 1460 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    12:02:59.0572 1460 ACPI - ok
    12:02:59.0702 1460 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
    12:02:59.0702 1460 ACPIEC - ok
    12:02:59.0893 1460 adpu160m - ok
    12:03:00.0043 1460 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    12:03:00.0053 1460 aec - ok
    12:03:00.0203 1460 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
    12:03:00.0213 1460 AFD - ok
    12:03:00.0423 1460 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
    12:03:00.0433 1460 agp440 - ok
    12:03:00.0644 1460 Aha154x - ok
    12:03:00.0844 1460 aic78u2 - ok
    12:03:01.0034 1460 aic78xx - ok
    12:03:01.0245 1460 AliIde - ok
    12:03:01.0435 1460 amsint - ok
    12:03:01.0585 1460 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    12:03:01.0595 1460 Arp1394 - ok
    12:03:01.0785 1460 asc - ok
    12:03:01.0986 1460 asc3350p - ok
    12:03:02.0176 1460 asc3550 - ok
    12:03:02.0416 1460 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
    12:03:02.0426 1460 aswFsBlk - ok
    12:03:02.0506 1460 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
    12:03:02.0516 1460 aswMon2 - ok
    12:03:02.0737 1460 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
    12:03:02.0747 1460 aswRdr - ok
    12:03:02.0977 1460 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
    12:03:02.0997 1460 aswSnx - ok
    12:03:03.0247 1460 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
    12:03:03.0268 1460 aswSP - ok
    12:03:03.0498 1460 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
    12:03:03.0508 1460 aswTdi - ok
    12:03:03.0598 1460 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    12:03:03.0608 1460 AsyncMac - ok
    12:03:03.0768 1460 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    12:03:03.0778 1460 atapi - ok
    12:03:04.0009 1460 Atdisk - ok
    12:03:04.0059 1460 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    12:03:04.0059 1460 Atmarpc - ok
    12:03:04.0209 1460 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    12:03:04.0209 1460 audstub - ok
    12:03:04.0279 1460 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    12:03:04.0289 1460 Beep - ok
    12:03:04.0389 1460 catchme - ok
    12:03:04.0499 1460 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    12:03:04.0499 1460 cbidf2k - ok
    12:03:04.0710 1460 cd20xrnt - ok
    12:03:04.0780 1460 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    12:03:04.0780 1460 Cdaudio - ok
    12:03:04.0940 1460 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    12:03:04.0950 1460 Cdfs - ok
    12:03:05.0090 1460 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    12:03:05.0100 1460 Cdrom - ok
    12:03:05.0310 1460 Changer - ok
    12:03:05.0521 1460 CmdIde - ok
    12:03:05.0731 1460 Cpqarray - ok
    12:03:05.0881 1460 ctljystk (71007bd2e1e26927fe3e4eb00c0beedf) C:\WINDOWS\system32\DRIVERS\ctljystk.sys
    12:03:05.0881 1460 ctljystk - ok
    12:03:06.0082 1460 dac2w2k - ok
    12:03:06.0282 1460 dac960nt - ok
    12:03:06.0342 1460 DiCapi (16a6f479f49fd1fa06bb5539a3d493f8) C:\WINDOWS\system32\DRIVERS\DISDN\capi20.sys
    12:03:06.0352 1460 DiCapi - ok
    12:03:06.0382 1460 DiMaint (99a1ffd0e527d3b88e34735d85eaaa04) C:\WINDOWS\system32\DRIVERS\DISDN\dimaint.sys
    12:03:06.0392 1460 DiMaint - ok
    12:03:06.0492 1460 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    12:03:06.0502 1460 Disk - ok
    12:03:06.0602 1460 DiWan (1e9038be171ce8374da0659474466280) C:\WINDOWS\system32\DRIVERS\DISDN\Diwan.sys
    12:03:06.0642 1460 DiWan - ok
    12:03:06.0853 1460 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
    12:03:06.0883 1460 dmboot - ok
    12:03:07.0043 1460 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
    12:03:07.0053 1460 dmio - ok
    12:03:07.0123 1460 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    12:03:07.0123 1460 dmload - ok
    12:03:07.0253 1460 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    12:03:07.0263 1460 DMusic - ok
    12:03:07.0464 1460 dpti2o - ok
    12:03:07.0584 1460 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    12:03:07.0584 1460 drmkaud - ok
    12:03:07.0724 1460 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
    12:03:07.0724 1460 EL90XBC - ok
    12:03:07.0864 1460 emu10k (01f83e1b5dce05f5cb7d99113ca9e890) C:\WINDOWS\system32\drivers\emu10k1m.sys
    12:03:07.0884 1460 emu10k - ok
    12:03:08.0024 1460 emu10k1 (7ffa171cce6a8bfc774862a578ba39a2) C:\WINDOWS\system32\drivers\ctlfacem.sys
    12:03:08.0034 1460 emu10k1 - ok
    12:03:08.0215 1460 ENTECH - ok
    12:03:08.0375 1460 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    12:03:08.0385 1460 Fastfat - ok
    12:03:08.0485 1460 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    12:03:08.0485 1460 Fdc - ok
    12:03:08.0615 1460 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
    12:03:08.0625 1460 Fips - ok
    12:03:08.0745 1460 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    12:03:08.0745 1460 Flpydisk - ok
    12:03:08.0926 1460 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    12:03:08.0936 1460 FltMgr - ok
    12:03:09.0016 1460 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    12:03:09.0016 1460 Fs_Rec - ok
    12:03:09.0066 1460 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    12:03:09.0076 1460 Ftdisk - ok
    12:03:09.0226 1460 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
    12:03:09.0226 1460 gameenum - ok
    12:03:09.0286 1460 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    12:03:09.0286 1460 Gpc - ok
    12:03:09.0517 1460 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    12:03:09.0527 1460 HidUsb - ok
    12:03:09.0717 1460 hpn - ok
    12:03:09.0897 1460 hpt3xx - ok
    12:03:10.0037 1460 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    12:03:10.0057 1460 HTTP - ok
    12:03:10.0248 1460 i2omgmt - ok
    12:03:10.0438 1460 i2omp - ok
    12:03:10.0558 1460 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    12:03:10.0568 1460 i8042prt - ok
    12:03:10.0658 1460 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    12:03:10.0658 1460 Imapi - ok
    12:03:10.0858 1460 ini910u - ok
    12:03:11.0009 1460 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys
    12:03:11.0009 1460 IntelIde - ok
    12:03:11.0169 1460 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    12:03:11.0179 1460 ip6fw - ok
    12:03:11.0269 1460 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    12:03:11.0269 1460 IpFilterDriver - ok
    12:03:11.0359 1460 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    12:03:11.0359 1460 IpInIp - ok
    12:03:11.0489 1460 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    12:03:11.0499 1460 IpNat - ok
    12:03:11.0620 1460 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    12:03:11.0620 1460 IPSec - ok
    12:03:11.0740 1460 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    12:03:11.0740 1460 IRENUM - ok
    12:03:11.0880 1460 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    12:03:11.0890 1460 isapnp - ok
    12:03:12.0000 1460 itchfltr (8f1ba487b35f0c8f637e05113aa815f8) C:\WINDOWS\system32\DRIVERS\itchfltr.sys
    12:03:12.0000 1460 itchfltr - ok
    12:03:12.0090 1460 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    12:03:12.0100 1460 Kbdclass - ok
    12:03:12.0150 1460 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    12:03:12.0160 1460 kmixer - ok
    12:03:12.0260 1460 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    12:03:12.0270 1460 KSecDD - ok
    12:03:12.0471 1460 L8042pr2 (0f8b7bf7097d1e8d78f2f52a2bea03cd) C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys
    12:03:12.0481 1460 L8042pr2 - ok
    12:03:12.0691 1460 Lbd (419590ebe7855215bb157ea0cf0d0531) C:\WINDOWS\system32\DRIVERS\Lbd.sys
    12:03:12.0691 1460 Lbd - ok
    12:03:12.0881 1460 lbrtfdc - ok
    12:03:13.0092 1460 LMouFlt2 (aef09673376a4d93c09e8341854f1bf4) C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
    12:03:13.0102 1460 LMouFlt2 - ok
    12:03:13.0222 1460 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    12:03:13.0222 1460 mnmdd - ok
    12:03:13.0272 1460 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
    12:03:13.0272 1460 Modem - ok
    12:03:13.0332 1460 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    12:03:13.0342 1460 Mouclass - ok
    12:03:13.0552 1460 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    12:03:13.0552 1460 mouhid - ok
    12:03:13.0612 1460 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    12:03:13.0612 1460 MountMgr - ok
    12:03:13.0793 1460 mraid35x - ok
    12:03:13.0993 1460 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    12:03:14.0003 1460 MRxDAV - ok
    12:03:14.0143 1460 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    12:03:14.0163 1460 MRxSmb - ok
    12:03:14.0253 1460 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    12:03:14.0253 1460 Msfs - ok
    12:03:14.0323 1460 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    12:03:14.0333 1460 MSKSSRV - ok
    12:03:14.0394 1460 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    12:03:14.0404 1460 MSPCLOCK - ok
    12:03:14.0514 1460 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    12:03:14.0514 1460 MSPQM - ok
    12:03:14.0684 1460 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    12:03:14.0684 1460 mssmbios - ok
    12:03:14.0854 1460 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    12:03:14.0874 1460 Mup - ok
    12:03:15.0024 1460 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    12:03:15.0044 1460 NDIS - ok
    12:03:15.0275 1460 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
    distapi.sys
    12:03:15.0285 1460 NdisTapi - ok
    12:03:15.0395 1460 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
    disuio.sys
    12:03:15.0395 1460 Ndisuio - ok
    12:03:15.0475 1460 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
    diswan.sys
    12:03:15.0485 1460 NdisWan - ok
    12:03:15.0705 1460 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    12:03:15.0715 1460 NDProxy - ok
    12:03:15.0856 1460 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
    etbios.sys
    12:03:15.0866 1460 NetBIOS - ok
    12:03:15.0996 1460 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
    etbt.sys
    12:03:16.0016 1460 NetBT - ok
    12:03:16.0106 1460 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS
    ic1394.sys
    12:03:16.0116 1460 NIC1394 - ok
    12:03:16.0156 1460 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    12:03:16.0166 1460 Npfs - ok
    12:03:16.0316 1460 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    12:03:16.0346 1460 Ntfs - ok
    12:03:16.0436 1460 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    12:03:16.0446 1460 Null - ok
    12:03:16.0747 1460 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS
    v4_mini.sys
    12:03:16.0817 1460 nv - ok
    12:03:17.0007 1460 nv4 (4d31783965b0b7ced7db3f4ee14cf260) C:\WINDOWS\system32\DRIVERS
    v4.sys
    12:03:17.0037 1460 nv4 - ok
    12:03:17.0147 1460 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
    wlnkflt.sys
    12:03:17.0147 1460 NwlnkFlt - ok
    12:03:17.0248 1460 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
    wlnkfwd.sys
    12:03:17.0248 1460 NwlnkFwd - ok
    12:03:17.0368 1460 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    12:03:17.0368 1460 ohci1394 - ok
    12:03:17.0448 1460 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
    12:03:17.0458 1460 Parport - ok
    12:03:17.0578 1460 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    12:03:17.0578 1460 PartMgr - ok
    12:03:17.0668 1460 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
    12:03:17.0668 1460 ParVdm - ok
    12:03:17.0788 1460 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
    12:03:17.0798 1460 PCI - ok
    12:03:17.0989 1460 PCIDump - ok
    12:03:18.0159 1460 PCIIde - ok
    12:03:18.0259 1460 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
    12:03:18.0269 1460 Pcmcia - ok
    12:03:18.0509 1460 PCTAppEvent (7ea0ebd6e5aa687e116eb185a7cfb667) C:\WINDOWS\system32\drivers\PCTAppEvent.sys
    12:03:18.0519 1460 PCTAppEvent - ok
    12:03:18.0760 1460 PCTFW-PacketFilter (60af5fa418efe284fb81dbbf5a0391fb) C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys
    12:03:18.0770 1460 PCTFW-PacketFilter - ok
    12:03:19.0000 1460 pctgntdi (5be722c8c9bba995693c8cd524d83b27) C:\WINDOWS\system32\drivers\pctgntdi.sys
    12:03:19.0020 1460 pctgntdi - ok
    12:03:19.0251 1460 pctNdis (3ec79cfb2e0e74aada8b561ed8904577) C:\WINDOWS\system32\DRIVERS\pctNdis.sys
    12:03:19.0261 1460 pctNdis - ok
    12:03:19.0281 1460 pctNdisMP (3ec79cfb2e0e74aada8b561ed8904577) C:\WINDOWS\system32\DRIVERS\pctNdis.sys
    12:03:19.0281 1460 pctNdisMP - ok
    12:03:19.0401 1460 pctplfw (fe6803af91ddb32ff8edf5d6c0d370af) C:\WINDOWS\system32\drivers\pctplfw.sys
    12:03:19.0411 1460 pctplfw - ok
    12:03:19.0621 1460 PDCOMP - ok
    12:03:19.0831 1460 PDFRAME - ok
    12:03:20.0032 1460 PDRELI - ok
    12:03:20.0262 1460 PDRFRAME - ok
    12:03:20.0502 1460 perc2 - ok
    12:03:20.0703 1460 perc2hib - ok
    12:03:20.0893 1460 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    12:03:20.0893 1460 PptpMiniport - ok
    12:03:21.0003 1460 Processor (82a17eca34d801590a67c0a2244965ed) C:\WINDOWS\system32\DRIVERS\processr.sys
    12:03:21.0013 1460 Processor - ok
    12:03:21.0103 1460 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
    12:03:21.0103 1460 PSI - ok
    12:03:21.0153 1460 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    12:03:21.0163 1460 Ptilink - ok
    12:03:21.0213 1460 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
    12:03:21.0213 1460 PxHelp20 - ok
    12:03:21.0404 1460 ql1080 - ok
    12:03:21.0604 1460 Ql10wnt - ok
    12:03:21.0794 1460 ql12160 - ok
    12:03:21.0984 1460 ql1240 - ok
    12:03:22.0175 1460 ql1280 - ok
    12:03:22.0235 1460 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    12:03:22.0245 1460 RasAcd - ok
    12:03:22.0355 1460 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    12:03:22.0355 1460 Rasl2tp - ok
    12:03:22.0455 1460 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    12:03:22.0455 1460 RasPppoe - ok
    12:03:22.0515 1460 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    12:03:22.0515 1460 Raspti - ok
    12:03:22.0635 1460 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    12:03:22.0645 1460 Rdbss - ok
    12:03:22.0736 1460 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    12:03:22.0736 1460 RDPCDD - ok
    12:03:22.0836 1460 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    12:03:22.0846 1460 rdpdr - ok
    12:03:22.0996 1460 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
    12:03:23.0006 1460 RDPWD - ok
    12:03:23.0126 1460 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
    12:03:23.0136 1460 redbook - ok
    12:03:23.0276 1460 SANDRA - ok
    12:03:23.0507 1460 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    12:03:23.0517 1460 Secdrv - ok
    12:03:23.0647 1460 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    12:03:23.0647 1460 serenum - ok
    12:03:23.0707 1460 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
    12:03:23.0717 1460 Serial - ok
    12:03:23.0827 1460 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    12:03:23.0837 1460 Sfloppy - ok
    12:03:23.0957 1460 sfman (0b1a5e9cacb5cdd54a2815107bd7c772) C:\WINDOWS\system32\drivers\sfmanm.sys
    12:03:23.0967 1460 sfman - ok
    12:03:24.0178 1460 Simbad - ok
    12:03:24.0378 1460 Sparrow - ok
    12:03:24.0458 1460 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    12:03:24.0468 1460 splitter - ok
    12:03:24.0528 1460 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
    12:03:24.0528 1460 sr - ok
    12:03:24.0678 1460 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    12:03:24.0698 1460 Srv - ok
    12:03:24.0899 1460 StillCam (bf8aa066bb0398ddcbc9573153d39b8c) C:\WINDOWS\system32\DRIVERS\serscan.sys
    12:03:24.0899 1460 StillCam - ok
    12:03:25.0059 1460 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    12:03:25.0069 1460 swenum - ok
    12:03:25.0139 1460 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    12:03:25.0149 1460 swmidi - ok
    12:03:25.0359 1460 symc810 - ok
    12:03:25.0550 1460 symc8xx - ok
    12:03:25.0740 1460 sym_hi - ok
    12:03:25.0930 1460 sym_u3 - ok
    12:03:26.0020 1460 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    12:03:26.0020 1460 sysaudio - ok
    12:03:26.0140 1460 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    12:03:26.0160 1460 Tcpip - ok
    12:03:26.0251 1460 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    12:03:26.0251 1460 TDPIPE - ok
    12:03:26.0331 1460 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    12:03:26.0331 1460 TDTCP - ok
    12:03:26.0401 1460 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    12:03:26.0401 1460 TermDD - ok
    12:03:26.0641 1460 TosIde - ok
    12:03:26.0801 1460 TVICHW32 (62c773d26f69b94c2ca1f15ccb43f021) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
    12:03:26.0801 1460 TVICHW32 - ok
    12:03:26.0891 1460 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    12:03:26.0902 1460 Udfs - ok
    12:03:27.0112 1460 ultra - ok
    12:03:27.0272 1460 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    12:03:27.0292 1460 Update - ok
    12:03:27.0532 1460 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    12:03:27.0532 1460 usbccgp - ok
    12:03:27.0603 1460 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    12:03:27.0613 1460 usbhub - ok
    12:03:27.0823 1460 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    12:03:27.0833 1460 usbprint - ok
    12:03:27.0883 1460 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    12:03:27.0893 1460 usbscan - ok
    12:03:27.0953 1460 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    12:03:27.0953 1460 USBSTOR - ok
    12:03:28.0023 1460 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    12:03:28.0023 1460 usbuhci - ok
    12:03:28.0063 1460 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    12:03:28.0073 1460 VgaSave - ok
    12:03:28.0263 1460 ViaIde - ok
    12:03:28.0334 1460 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
    12:03:28.0344 1460 VolSnap - ok
    12:03:28.0564 1460 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    12:03:28.0574 1460 Wanarp - ok
    12:03:28.0724 1460 wceusbsh (dc7f91b2ed24a738c807ea07f298928c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
    12:03:28.0734 1460 wceusbsh - ok
    12:03:28.0934 1460 WDICA - ok
    12:03:29.0005 1460 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    12:03:29.0015 1460 wdmaud - ok
    12:03:29.0215 1460 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    12:03:29.0215 1460 WS2IFSL - ok
    12:03:29.0465 1460 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    12:03:29.0475 1460 WudfPf - ok
    12:03:29.0686 1460 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    12:03:29.0696 1460 WudfRd - ok
    12:03:29.0746 1460 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
    12:03:29.0866 1460 \Device\Harddisk0\DR0 - ok
    12:03:29.0886 1460 Boot (0x1200) (3e6bb32a7aba43607b52cb662a322fcc) \Device\Harddisk0\DR0\Partition0
    12:03:29.0886 1460 \Device\Harddisk0\DR0\Partition0 - ok
    12:03:29.0906 1460 Boot (0x1200) (c6aa12f58aa5890e91e4f3e1442b4a43) \Device\Harddisk0\DR0\Partition1
    12:03:29.0906 1460 \Device\Harddisk0\DR0\Partition1 - ok
    12:03:29.0916 1460 ============================================================
    12:03:29.0916 1460 Scan finished
    12:03:29.0916 1460 ============================================================
    12:03:29.0936 0220 Detected object count: 0
    12:03:29.0936 0220 Actual detected object count: 0
    12:06:03.0827 3040 Deinitialize success


    aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
    Run date: 2011-10-07 12:12:50
    —————————–
    12:12:50.782 OS Version: Windows 5.1.2600 Service Pack 3
    12:12:50.782 Number of processors: 1 586 0xA
    12:12:50.782 ComputerName: DESKTOP UserName:
    12:13:04.943 Initialize success
    12:13:05.934 AVAST engine defs: 11100601
    12:13:16.339 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
    12:13:16.339 Disk 0 Vendor: Maxtor_6Y060L0 YAR41VW0 Size: 58644MB BusType: 3
    12:13:16.349 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
    12:13:16.349 Disk 1 Vendor: IOMEGA_ZIP_250 41.S Size: 58644MB BusType: 2
    12:13:18.352 Disk 0 MBR read successfully
    12:13:18.352 Disk 0 MBR scan
    12:13:18.392 Disk 0 Windows XP default MBR code
    12:13:18.402 Disk 0 scanning sectors +120101940
    12:13:18.432 Disk 0 scanning C:\WINDOWS\system32\drivers
    12:13:30.289 Service scanning
    12:13:31.431 Modules scanning
    12:13:39.332 Disk 0 trace - called modules:
    12:13:39.352 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
    12:13:39.352 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f7fab8]
    12:13:39.352 3 CLASSPNP.SYS[f758ffd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x82fa9d98]
    12:13:39.653 AVAST engine scan C:\WINDOWS
    12:13:43.638 AVAST engine scan C:\WINDOWS\system32
    12:15:24.624 AVAST engine scan C:\WINDOWS\system32\drivers
    12:15:35.740 AVAST engine scan C:\Documents and Settings\Administrator
    12:16:18.932 AVAST engine scan C:\Documents and Settings\All Users
    12:16:47.002 Scan finished successfully
    12:17:11.117 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Bureaublad\MBR.dat"
    12:17:11.127 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Bureaublad\aswMBR.txt"









  • Mooi, geen MBR-rootkits en een gezonde MBR ook.

    Graag de precieze lokatie van Jordan in C:\
  • Het bestand staat niet op het bureaublad maar in Administrator C:\Documents and settings.

    Ik heb nogmaals met Windows Search gezocht en het bestand staat er nog steeds.
    Ik kan het echter niet zichtbaar maken met de Windows Verkenner.
  • Moet ik het als zo zijnde interpreteren:

    C:\Documents and settings\Administrator\Jordan
  • Kon helaas geen Print Screen maken van Windows Search.
    Hieronder de tekst:

    Titel = .jordan
    Bestandsnaam = .jordan
    Datum = 14-4-2011
    Type = bestandsmap
    Map = Administrator (c:\documents and settings)

    Ik kan het bestand echter nergens vinden (via Windows Verkenner).

    ??????????
  • Dan gaan we wat proberen:

    download [b:84c03c7561]zoek.exe van Smeenk[/b:84c03c7561]
    Plaats hem op je bureaublad en dubbelklik hem om te starten.
    Typ [b:84c03c7561]A[/b:84c03c7561] gevolgd door [b:84c03c7561]Enter[/b:84c03c7561] om de "Standard search" te starten.
    Wacht geduldig tot het CMD-venster sluit en een kladblokvenster opent.
    Selecteer de volledige inhoud van het log en kopieer dit in je volgende bericht.
  • Hierbij het log van Zoek.exe:

    ==================
    Zoek.exe by smeenk
    Updated 22-03-2011
    ==================
    Windows: Windows XP Professional Service Pack 3 (Build 2600)
    Internet Explorer: 8.0.6001.18702
    Memory (RAM): 768 MB
    CPU Info: Intel(R) Pentium(R) 4 CPU 1700MHz
    CPU Speed: 1685,9 MHz
    Sound Card: SB Live!-waveapparaat
    Display Adapters: NVIDIA GeForce3 (Microsoft Corporation) | NetMeeting driver | RDPDD Chained DD
    Monitors: 1x; Plug en Play-monitor |
    Screen Resolution: 1024 X 768 - 32 bit
    Network: Network Present
    Network Adapters: 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX-compatibel) - PC Tools Driver
    CD / DVD Drives: 2x (F: | G: | ) F: ASUS DVD-E616P2 | G: _NEC NR-7800A
    Ports: COM1 LPT1
    Mouse: 8 Button Wheel Mouse Present
    Hard Disks: C: 19,5GB | D: 37,7GB
    Hard Disks - Free: C: 7,4GB | D: 24,6GB
    USB Controllers: 2 host controllers.
    Firewire (1394): 1 host controllers.
    Manufacturer *: Dell Computer Corporation
    Product Make *: Dimension 8100
    AC Power Status: OnLine
    BIOS Info: AT/AT COMPATIBLE | 11/09/01 | DELL - 5
    Time Zone: West-Europa (standaardtijd)
    Battery Status: No Battery
    Motherboard *: Dell Computer Corporation Dimension 8100
    SM BIOS: XP2
    Sun Java version: 1.7.0
    Country: Nederland
    Language: NLD

    Files recently created/modified:
    ======C:\WINDOWS====
    2011-09-18 13:23:00 41184 —-a-w- C:\WINDOWS\avastSS.scr
    ======C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp====
    ======C:\WINDOWS\system32=====
    2011-09-22 17:21:00 128000 —-a-w- C:\WINDOWS\System32\javacpl.cpl
    2011-09-22 17:20:59 214408 —-a-w- C:\WINDOWS\System32\javaws.exe
    2011-09-22 17:20:59 173960 —-a-w- C:\WINDOWS\System32\javaw.exe
    2011-09-22 17:20:59 173960 —-a-w- C:\WINDOWS\System32\java.exe
    2011-09-22 17:08:26 404640 —-a-w- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    2011-09-18 13:23:00 199304 —-a-w- C:\WINDOWS\System32\aswBoot.exe
    ======C:\WINDOWS\system32\drivers=====
    2011-09-22 17:43:21 22216 —-a-w- C:\WINDOWS\System32\drivers\mbam.sys
    2011-09-21 06:10:00 218592 —-a-w- C:\WINDOWS\System32\drivers\PCTCore.sys
    2011-09-21 06:10:00 160576 —-a-w- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
    2011-09-21 06:09:53 251560 —-a-w- C:\WINDOWS\System32\drivers\pctgntdi.sys
    2011-09-21 06:08:20 89472 —-a-w- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
    2011-09-21 06:08:20 57536 —-a-w- C:\WINDOWS\System32\drivers\pctNdis.sys
    2011-09-21 06:08:20 32808 —-a-w- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
    2011-09-21 06:08:17 125248 —-a-w- C:\WINDOWS\System32\drivers\pctplfw.sys
    2011-09-18 13:23:18 20568 —-a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    2011-09-18 13:23:17 320856 —-a-w- C:\WINDOWS\System32\drivers\aswSP.sys
    2011-09-18 13:23:15 52568 —-a-w- C:\WINDOWS\System32\drivers\aswTdi.sys
    2011-09-18 13:23:15 34392 —-a-w- C:\WINDOWS\System32\drivers\aswRdr.sys
    2011-09-18 13:23:14 442200 —-a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
    2011-09-18 13:23:14 110552 —-a-w- C:\WINDOWS\System32\drivers\aswmon2.sys
    2011-09-18 13:23:14 104536 —-a-w- C:\WINDOWS\System32\drivers\aswmon.sys
    2011-09-18 13:23:13 30808 —-a-w- C:\WINDOWS\System32\drivers\aavmker4.sys
    ======C:\WINDOWS\Tasks======
    ======C:\WINDOWS\Temp======
    =======C:\Program Files=====
    2011-09-23 15:32:35 ——– d—–w- C:\Program Files\Mozilla Firefox
    2011-09-22 17:43:20 ——– d—–w- C:\Program Files\Malwarebytes' Anti-Malware
    2011-09-22 17:21:24 ——– d—–w- C:\Program Files\Common Files\Java
    2011-09-21 10:28:20 ——– d—–w- C:\Program Files\EMET
    2011-09-21 06:08:20 ——– d—–w- C:\Program Files\Common Files\PC Tools
    2011-09-21 06:08:12 ——– d—–w- C:\Program Files\PC Tools Firewall Plus
    2011-09-18 13:22:40 ——– d—–w- C:\Program Files\AVAST Software
    =======C:=====
    2011-10-07 08:50:01 11051 —-a-w- C:\lopR.txt
    ======C:\Documents and Settings\Administrator\Application Data======
    2011-09-21 06:11:12 ——– d—–w- C:\Documents and Settings\Administrator\Application Data\PCToolsFirewallPlus
    2011-09-18 13:22:40 ——– d—–w- C:\Documents and Settings\All Users\Application Data\AVAST Software
    ======C:\Documents and Settings\Administrator======
    ======C:\WINDOWS\Downloaded Program Files====
    =============

    ======C:==exe-files==
    2011-10-07 10:11:20 1916416 —-a-w- C:\Documents and Settings\Administrator\Bureaublad\aswMBR.exe
    2011-10-07 08:48:28 98816 —-a-w- C:\Lop SD\sed.exe
    2011-10-07 08:48:28 61440 —-a-w- C:\Lop SD\pv.exe
    2011-10-07 08:48:28 45056 —-a-w- C:\Lop SD\lsTasks.exe
    2011-10-07 08:48:28 26624 —-a-w- C:\Lop SD\setpath.exe
    2011-10-07 08:48:28 24062 —-a-w- C:\Lop SD\OsV.exe
    2011-10-07 08:48:28 16738 —-a-w- C:\Lop SD\iNv.exe
    2011-10-07 08:48:28 141312 —-a-w- C:\Lop SD\catchme.exe
    2011-10-07 08:43:26 501736 —-a-w- C:\Documents and Settings\Administrator\Bureaublad\LopSD.exe
    2011-10-05 18:53:52 1548592 —-a-w- C:\Documents and Settings\Administrator\Bureaublad\TDSSKiller.exe
    2011-10-04 20:12:09 179256 —-a-w- C:\Program Files\Google\Google Updater\2.4.2432.1652\GoogleUpdaterSetup.exe
    2011-10-04 20:12:09 161336 —-a-w- C:\Program Files\Google\Google Updater\2.4.2432.1652\GoogleUpdaterRestartManager.exe
    2011-10-04 20:12:08 228920 —-a-w- C:\Program Files\Google\Google Updater\2.4.2432.1652\GoogleUpdaterAdminPrefs.exe
    2011-10-04 20:12:08 173112 —-a-w- C:\Program Files\Google\Google Updater\2.4.2432.1652\GoogleUpdaterInstallMgr.exe
    ===C:=other files==
    2011-10-07 10:46:46 1595904 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\algo.dll
    2011-10-07 10:46:44 98864 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswCmnOS.dll
    2011-10-07 10:46:44 87528 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswScan.dll
    2011-10-07 10:46:44 446016 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswCleanerDLL.dll
    2011-10-07 10:46:44 40672 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\fwAux.dll
    2011-10-07 10:46:44 359936 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswRawFS.dll
    2011-10-07 10:46:44 321832 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswCmnBS.dll
    2011-10-07 10:46:44 24672 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\uiext.dll
    2011-10-07 10:46:44 212640 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswRep.dll
    2011-10-07 10:46:44 183288 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswCmnIS.dll
    2011-10-07 10:46:44 13360 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\exts.dll
    2011-10-07 10:46:44 1212288 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswEngin.dll
    2011-10-07 10:46:43 45304 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\ArPot.dll
    2011-10-07 10:46:43 169904 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswAR.dll
    2011-10-07 10:46:43 1580504 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100700\aswBoot.dll
    2011-10-07 09:58:40 1529675 —-a-w- C:\Documents and Settings\Administrator\Bureaublad\tdsskiller.zip
    2011-10-07 08:48:30 1739 —-a-w- C:\Lop SD\paths.bat
    2011-10-06 23:00:53 1595904 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\algo.dll
    2011-10-06 23:00:50 98864 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswCmnOS.dll
    2011-10-06 23:00:50 87528 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswScan.dll
    2011-10-06 23:00:50 45304 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\ArPot.dll
    2011-10-06 23:00:50 446016 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswCleanerDLL.dll
    2011-10-06 23:00:50 40672 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\fwAux.dll
    2011-10-06 23:00:50 359936 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswRawFS.dll
    2011-10-06 23:00:50 321832 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswCmnBS.dll
    2011-10-06 23:00:50 24672 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\uiext.dll
    2011-10-06 23:00:50 212640 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswRep.dll
    2011-10-06 23:00:50 183288 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswCmnIS.dll
    2011-10-06 23:00:50 169904 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswAR.dll
    2011-10-06 23:00:50 1580504 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswBoot.dll
    2011-10-06 23:00:50 13360 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\exts.dll
    2011-10-06 23:00:50 1212288 —-a-w- C:\Program Files\AVAST Software\Avast\defs\11100601\aswEngin.dll
    2011-10-04 20:12:12 761840 —-a-w- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    2011-10-04 20:12:12 49136 —-a-w- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\gth.dll
    2011-10-04 20:12:12 141808 —-a-w- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\gtn.dll
    2011-10-04 20:12:09 103480 —-a-w- C:\Program Files\Google\Google Updater\2.4.2432.1652\cires.dll
    2011-10-04 20:12:08 1210936 —-a-w- C:\Program Files\Google\Google Updater\2.4.2432.1652\ci.dll
    2011-10-04 20:12:08 102456 —-a-w- C:\Program Files\Google\Google Updater\2.4.2432.1652
    pCIDetect14.dll
    ==================
    "Silent Runners.vbs", revision 63, http://www.silentrunners.org/
    Output limited to non-default values, except where indicated by "{++}"


    Startup items buried in registry:
    ———————————

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
    "SIDEBAR" = ""C:\Program Files\Desktop Sidebar\dsidebar.exe"" ["Idea2"]
    "AutoSizer" = ""C:\Program Files\AutoSizer\AutoSizer.exe"" ["South Bay Software"]
    "ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
    "avast" = ""C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui" ["AVAST Software"]
    "00PCTFW" = ""C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s" ["PC Tools"]

    HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\
    >{26923b43-4d38-484f-9b9e-de460746276c}\(Default) = "Internet Explorer"
    \StubPath = "C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig" [MS]
    >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"
    \StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"
    -> {HKLM…CLSID} = "Adobe PDF Link Helper"
    \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = (no title provided)
    -> {HKLM…CLSID} = "avast! WebRep"
    \InProcServer32\(Default) = "C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll" ["AVAST Software"]

    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
    -> {HKLM…CLSID} = "Google Toolbar Notifier BHO"
    \InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll" ["Google Inc."]

    {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
    -> {HKLM…CLSID} = "Java™ Plug-In 2 SSV Helper"
    \InProcServer32\(Default) = "C:\Program Files\Java\jre7\bin\jp2ssv.dll" ["Oracle Corporation"]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

    00avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
    -> {HKLM…CLSID} = "avast"
    \InProcServer32\(Default) = "C:\Program Files\AVAST Software\Avast\ashShell.dll" ["AVAST Software"]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

    "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal-pictogramuitbreiding"
    -> {HKLM…CLSID} = "HyperTerminal Icon Ext"
    \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

    "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
    -> {HKLM…CLSID} = "Outlook-extensie voor bestandspictogrammen"
    \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL" [MS]

    "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
    -> {HKLM…CLSID} = "Desktop Explorer"
    \InProcServer32\(Default) = "C:\WINDOWS\system32
    vshell.dll" ["NVIDIA Corporation"]

    "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
    -> {HKLM…CLSID} = (no title provided)
    \InProcServer32\(Default) = "C:\WINDOWS\system32
    vshell.dll" ["NVIDIA Corporation"]

    "{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Universele Plug en Play-apparaten"
    -> {HKLM…CLSID} = "Universele Plug en Play-apparaten"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS]

    "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
    -> {HKLM…CLSID} = "DesktopContext Class"
    \InProcServer32\(Default) = "C:\WINDOWS\system32
    vcpl.dll" ["NVIDIA Corporation"]

    "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
    -> {HKLM…CLSID} = "nView Desktop Context Menu"
    \InProcServer32\(Default) = "C:\WINDOWS\system32
    vshell.dll" ["NVIDIA Corporation"]

    "{F2185E5D-720E-4956-90D9-75F6AC141575}" = "Idea2 SidebarIconHandler Class"
    -> {HKLM…CLSID} = "SidebarIconHandler Class"
    \InProcServer32\(Default) = "C:\Program Files\Desktop Sidebar\sbhelp.dll" ["Idea2"]

    "{97090E2F-3062-4459-855B-014F0D3CDBB1}" = "Windows Search Deskbar"
    -> {HKCU…CLSID} = "Windows Search Bureaubalk"
    \InProcServer32\(Default) = "C:\Program Files\Windows Desktop Search\deskbar.dll" [MS]
    -> {HKLM…CLSID} = "Windows Search Deskbar"
    \InProcServer32\(Default) = "C:\Program Files\Windows Desktop Search\deskbar.dll" [MS]

    "{13E7F612-F261-4391-BEA2-39DF4F3FA311}" = "Windows Desktop Search"
    -> {HKLM…CLSID} = "Windows Desktop Search"
    \InProcServer32\(Default) = "C:\Program Files\Windows Desktop Search\msnlExt.dll" [MS]

    "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
    -> {HKLM…CLSID} = (no title provided)
    \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\msohev.dll" [MS]

    "{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension"
    -> {HKLM…CLSID} = "7-Zip Shell Extension"
    \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

    "{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
    -> {HKLM…CLSID} = "avast"
    \InProcServer32\(Default) = "C:\Program Files\AVAST Software\Avast\ashShell.dll" ["AVAST Software"]

    "{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"
    -> {HKLM…CLSID} = "Microsoft Office Metadata Handler"
    \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]

    "{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"
    -> {HKLM…CLSID} = "Microsoft Office Thumbnail Handler"
    \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

    <<!>> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
    -> {HKLM…CLSID} = "Microsoft AntiMalware ShellExecuteHook"
    \InProcServer32\(Default) = "C:\PROGRA~1\WIFD1F~1\MpShHook.dll" [MS]

    <<!>> "{56F9679E-7826-4C84-81F3-532071A8BCC5}" = (no title provided)
    -> {HKLM…CLSID} = "Windows Desktop Search Namespace Manager"
    \InProcServer32\(Default) = "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

    "WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
    -> {HKLM…CLSID} = "WPDShServiceObj Class"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

    HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

    7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
    -> {HKLM…CLSID} = "7-Zip Shell Extension"
    \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

    avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
    -> {HKLM…CLSID} = "avast"
    \InProcServer32\(Default) = "C:\Program Files\AVAST Software\Avast\ashShell.dll" ["AVAST Software"]

    HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

    00avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
    -> {HKLM…CLSID} = "avast"
    \InProcServer32\(Default) = "C:\Program Files\AVAST Software\Avast\ashShell.dll" ["AVAST Software"]

    HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

    7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
    -> {HKLM…CLSID} = "7-Zip Shell Extension"
    \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

    HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

    7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
    -> {HKLM…CLSID} = "7-Zip Shell Extension"
    \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

    HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

    00nView\(Default) = "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"
    -> {HKLM…CLSID} = "nView Desktop Context Menu"
    \InProcServer32\(Default) = "C:\WINDOWS\system32
    vshell.dll" ["NVIDIA Corporation"]

    NvCplDesktopContext\(Default) = "{A70C977A-BF00-412C-90B7-034C51DA2439}"
    -> {HKLM…CLSID} = "DesktopContext Class"
    \InProcServer32\(Default) = "C:\WINDOWS\system32
    vcpl.dll" ["NVIDIA Corporation"]

    HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

    {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
    -> {HKLM…CLSID} = "PDF Shell Extension"
    \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

    HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

    avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
    -> {HKLM…CLSID} = "avast"
    \InProcServer32\(Default) = "C:\Program Files\AVAST Software\Avast\ashShell.dll" ["AVAST Software"]


    Default executables:
    ——————–

    HKLM\SOFTWARE\Classes\.hta\(Default) = "htafile"
    <<!>> HKLM\SOFTWARE\Classes\htafile\shell\open\command\(Default) = "NOTEPAD.EXE %1" [MS]


    Group Policies {GPedit.msc branch and setting}:
    ———————————————–

    Note: detected settings may not have any effect.

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\

    "NoChangingWallpaper" = (REG_DWORD) dword:0x00000000
    {User Configuration|Administrative Templates|Control Panel|Display|
    Prevent changing wallpaper}

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

    "LinkResolveIgnoreLinkInfo" = (REG_DWORD) dword:0x00000000
    {unrecognized setting}

    "NoDrives" = (REG_DWORD) dword:0x00000000
    {unrecognized setting}

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

    "LinkResolveIgnoreLinkInfo" = (REG_DWORD) dword:0x00000000
    {unrecognized setting}

    "NoResolveSearch" = (REG_DWORD) dword:0x00000001
    {unrecognized setting}

    "NoDrives" = (REG_DWORD) dword:0x00000000
    {unrecognized setting}

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

    "disableregistrytools" = (REG_DWORD) dword:0x00000000
    {User Configuration|Administrative Templates|System|
    Prevent access to registry editing tools}

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\

    "NoUpdateCheck" = (REG_DWORD) dword:0x00000001
    {unrecognized setting}

    HKCU\Software\Policies\Microsoft\Windows\System\

    "disablecmd" = (REG_DWORD) dword:0x00000000
    {User Configuration|Administrative Templates|System|
    Disable the command prompt}

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

    "DisableRegistryTools" = (REG_DWORD) dword:0x00000000
    {unrecognized setting}


    Active Desktop and Wallpaper:
    —————————–

    Active Desktop may be disabled at this entry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

    Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
    HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
    "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

    Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
    HKCU\Control Panel\Desktop\
    "Wallpaper" = "D:\Mijn documenten\Mijn afbeeldingen\Picasa\Achtergronden\picasabackground-3.bmp"


    Windows Portable Device AutoPlay Handlers
    —————————————–

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

    MSWPDShellNamespaceHandler\
    "Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
    "CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
    "InitCmdLine" = " "
    -> {HKLM…CLSID} = "WPDShextAutoplay"
    \LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]

    NeroAutoPlay7VideoCapture\
    "Provider" = "Nero Vision"
    "ProgID" = "Shell.HWEventHandlerShellExecute"
    "InitCmdLine" = "/New:VideoCapture"
    HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"
    -> {HKLM…CLSID} = "ShellExecute HW Event Handler"
    \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]

    Picasa2ImportPicturesOnArrival\
    "Provider" = "Picasa3"
    "InvokeProgID" = "picasa2.autoplay"
    "InvokeVerb" = "import"
    HKLM\SOFTWARE\Classes\picasa2.autoplay\shell\import\command\(Default) = "C:\Program Files\Google\Picasa3\Picasa3.exe "%1"" ["Google Inc."]


    Enabled Scheduled Tasks:
    ————————

    "Google Software Updater" -> launches: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start" ["Google"]
    "{A4261029-491F-408E-9B24-1CBDDA8068FA}_DESKTOP_Administrator" -> launches: "C:\WINDOWS\system32\mobsync.exe /Schedule="{A4261029-491F-408E-9B24-1CBDDA8068FA}_DESKTOP_Administrator"" [MS]
    "{02AA7507-4030-4389-9A16-BF1773F7748B}_DESKTOP_Administrator" -> launches: "C:\WINDOWS\system32\mobsync.exe /Schedule="{02AA7507-4030-4389-9A16-BF1773F7748B}_DESKTOP_Administrator"" [MS]
    "{35C9FC60-5B53-429A-A682-980BF67FE179}_DESKTOP_Administrator" -> launches: "C:\WINDOWS\system32\mobsync.exe /Schedule="{35C9FC60-5B53-429A-A682-980BF67FE179}_DESKTOP_Administrator"" [MS]
    "GoogleUpdateTaskMachineCore" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /c" ["Google Inc."]
    "GoogleUpdateTaskMachineUA" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler" ["Google Inc."]


    Winsock2 Service Provider DLLs:
    ——————————-

    Namespace Service Providers

    000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
    000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
    000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

    Transport Service Providers

    %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
    %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


    Toolbars, Explorer Bars, Extensions:
    ————————————

    Toolbars

    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

    "{F2CF5485-4E02-4F68-819C-B92DE9277049}"
    -> {HKLM…CLSID} = "&Links"
    \InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
    "{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}" = (no title provided)
    -> {HKLM…CLSID} = "avast! WebRep"
    \InProcServer32\(Default) = "C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll" ["AVAST Software"]

    Extensions (Tools menu items, main toolbar menu buttons)

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
    {09FE188B-6E85-479E-9411-51FB2220DF80}\
    "ButtonText" = "Subscribe in Desktop Sidebar"
    "MenuText" = "Subscribe in Desktop Sidebar"
    "CLSIDExtension" = "{45AD732C-2CE2-4666-B366-B2214AD57A49}"
    -> {HKLM…CLSID} = "Idea2 SidebarBrowserMonitor Class"
    \InProcServer32\(Default) = "C:\Program Files\Desktop Sidebar\sbhelp.dll" ["Idea2"]


    Running Services (Display Name, Service Name, Path {Service DLL}):
    ——————————————————————

    ASP.NET State Service, aspnet_state, "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe" [MS]
    avast! Antivirus, avast! Antivirus, ""C:\Program Files\AVAST Software\Avast\AvastSvc.exe"" ["AVAST Software"]
    Extensible Authentication Protocol-service, EapHost, "C:\WINDOWS\System32\svchost.exe -k eapsvcs" {"C:\WINDOWS\System32\eapsvc.dll" [MS]}
    Health Key and Certificate Management-service, hkmsvc, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\kmsvc.dll" [MS]}
    InterBase Guardian, InterBaseGuardian, "C:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe -s" ["InterBase Software Corp."]
    InterBase Server, InterBaseServer, "C:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe -s -g" ["InterBase Software Corp."]
    Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"" ["Oracle Corporation"]
    PC Tools Firewall Plus, PCToolsFirewallPlus, "C:\Program Files\PC Tools Firewall Plus\FWService.exe" ["PC Tools"]
    Secunia Update Agent, Secunia Update Agent, ""C:\Program Files\Secunia\PSI\sua.exe" –start-service" ["Secunia"]
    TomTomHOMEService, TomTomHOMEService, "C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe" ["TomTom"]
    Visibroker Activation Daemon, oad, "C:\PROGRA~1\Borland\vbroker\bin\oad.exe" [null data]
    VisiBroker Smart Agent, osagent, "C:\PROGRA~1\Borland\vbroker\bin\osagent.exe" [null data]
    Windows Search, WSearch, "C:\WINDOWS\system32\SearchIndexer.exe /Embedding" [MS]
    WMI-prestatieadapter, WmiApSrv, "C:\WINDOWS\System32\wbem\wmiapsrv.exe" [MS]


    Safe Mode Drivers & Services (subkey name, subkey default value):
    —————————————————————–

    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

    <<!>> vsmon, "Service"






  • Geen rare dingen in het log!

    Maar ook geen map Jordan!


    Start Smeenks Zoekexe weer en kies nun voor "B".

    In het geopende kladblok plakje de onderstaande vetgedrukte tekst:

    [b:806e8534f1]Jordan;[/b:806e8534f1]


    Post wederom het log van de zoekscan.
  • Het bestand heet geen jordan maar .jordan!!!!
    Dit maakt volgens mij een wezenlijk verschil of niet?
  • Dan mag ik toch redelijkerwijze aannemen dat je de invoer dan verandert hebt naar "jordan?
  • Zoek.exe gestart met .jordan; het volgende log verschijnt:

    ==================
    Zoek.exe by smeenk
    Updated 22-03-2011
    ==================
    *************Folders************

    **************Files*************
    ********************************

    In de volgende post de log van Zoek.exe maar dan met jordan;
  • Inderdaad en ik ben benieuwd of er wat te voorschijn komt…..
  • Hierbij het log:

    ==================
    Zoek.exe by smeenk
    Updated 22-03-2011
    ==================
    *************Folders************

    **************Files*************

    — C:\WINDOWS\Downloaded Program Files\JordanApplet.dll —
    Company: IPLabs GmbH
    File Description: JordanApplet http file uploader
    File Version: 1, 4, 0, 6
    Product Name: JordanApplet Uploader
    Copyright: Copyright 2005-2010
    Original Filename: JordanApplet.DLL
    File size: 3252104
    Created time: 2009-05-04 11:02:52
    Modified time: 2011-04-04 09:22:48
    MD5: CD805920098465BEF37F5917C81E7A24
    SHA1: B664D521F57D8436CFAA9F0FC70FACEECE2346B6


    — C:\WINDOWS\Downloaded Program Files\Jordan.inf —
    Company: ——
    File Description: ——
    File Version: ——
    Product Name: ——
    Copyright: ——
    Original Filename: ——
    File size: 701
    Created time: 2009-05-04 11:02:48
    Modified time: 2011-04-04 09:22:46
    MD5: C64456A231CAF272562A7DD1DE442E09
    SHA1: 469C9DC3F77EE78CE8D0FB8D6CA377FDEAEA857B

    ********************************
  • Heb jij een Fujica camera?
  • Nee, wel een Fujifilm Finepix camera gehad maar deze is defect en gebruik ik al lang niet meer.
    Bestanden verwijderen?
  • Indien er nog sofrtware van/voor die camera aanwezig is en niet meer gebruikt wordt dan inderdaad gewoon verwijderen.

    Want wat ik hierboven vermeld, geldt feitelijk voor alle programma's die je niet meer gebruikt.

    Alleen door op die wijze Windows bij te houden, hou je tempo in Windows, want dan hoeft die software niet meer door Windows meegesleept te worden.

    En over die jordan map, uit alle logs bleek, dat er geen aktiviteiten er van uit gingen en dus ook geen malware is!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.