Question & Answer
isearch
54 replies
- I keep having trouble with isearch whenever I enter a search query, fairly irritating.
A kind request to look at the HijackThis log and indicate what I can safely remove.
Thanks in advance.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:36, on 4-3-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\SABnzbd\SABnzbd.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\anysee\Driver\CNO.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
C:\PROGRA~2\MICROS~3\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Spotnet\Spotnet.exe
C:\Program Files (x86)\Spotnet\SABnzbd.exe
F:\Newsleecher Downloads\Advanced Uninstaller PROv1057(2012)-banDulu\crck\Monitor.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={1EFD50B3-2E9B-46E0-80B2-6D099AB91773}&mid=3166752f6b8047d19e719128c0e116f6-86d575b5e754d087a77665dfbc778dde796ffc3c&lang=en&ds=ft011&pr=sa&d=2012-03-04 10:26:35&v=10.0.0.7&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [anysee CNO] C:\Program Files (x86)\anysee\Driver\CNO.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SABnzbd.lnk = C:\Program Files (x86)\SABnzbd\SABnzbd.exe
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 13821 bytes
- In the meantime I did remove the AVG Security toolbar from the installed programs; it had installed itself again during the installation of another program.
But isearch keeps coming back.
- Now first post the log from Zoek.exe!
- Hello, in your log isearch is listed only once: AVG-safesearch!
Your log also shows that something is indeed going on.
I would like you to stick to the rules below during the fix:
- Thanks for the reply:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Databaseversie: v2012.03.04.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Nico :: NICO-PC [administrator]
4-3-2012 21:49:06
mbam-log-2012-03-04 (21-49-06).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 188114
Verstreken tijd: 1 minuut/minuten, 40 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 4-3-2012 14:53:06
Scaninstellingen:
Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\, D:\, E:\, F:\, I:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan
Scan gestart: 4-3-2012 14:54:01
F:\Newsleecher Downloads\==HaroDeyv==Winzip 11\==HaroDeyv==Winzip 11\Winzip 11 Keygen.exe Ontdekt: Riskware.Keygen.WinZip11!IK
F:\Newsleecher Downloads\Nero 7.10.1.0 NL Premium\Nero 7.10.1.0 NL Premium\keygen.exe Ontdekt: Riskware.Hacktool.Keygen.Nero7!IK
F:\schoonmaak programma's\Uniblue Registry Booster 2.0\UBVarRB.dll Ontdekt: Virus.Win32.Sality!IK
I:\arie d schijf\Danmark-Faroe Isl-Sweden 2004\dragcopy.dll Ontdekt: Trojan.Win32.Sirefef!IK
Gescand
Bestanden: 715787
Sporen: 405133
Cookies: 8
Processen: 60
Gevonden
Bestanden: 4
Sporen: 0
Cookies: 0
Processen: 0
Registersleutels: 0
Scan Geëindigd: 4-3-2012 21:29:08
Scantijd: 6:35:07
I:\arie d schijf\Danmark-Faroe Isl-Sweden 2004\dragcopy.dll Verwijderd Trojan.Win32.Sirefef!IK
F:\schoonmaak programma's\Uniblue Registry Booster 2.0\UBVarRB.dll Verwijderd Virus.Win32.Sality!IK
F:\Newsleecher Downloads\Nero 7.10.1.0 NL Premium\Nero 7.10.1.0 NL Premium\keygen.exe Verwijderd Riskware.Hacktool.Keygen.Nero7!IK
F:\Newsleecher Downloads\==HaroDeyv==Winzip 11\==HaroDeyv==Winzip 11\Winzip 11 Keygen.exe Verwijderd Riskware.Keygen.WinZip11!IK
Verwijderd
Bestanden: 4
Sporen: 0
Cookies: 0
- Hi, if you use keygens and the like to be able to use software for free, you can expect trouble in Windows!
- Thanks for your lecturing reply.
- 23:35:44.0458 5580 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
23:35:44.0458 5580 ============================================================
23:35:44.0458 5580 Current date / time: 2012/03/04 23:35:44.0458
23:35:44.0458 5580 SystemInfo:
23:35:44.0458 5580
23:35:44.0458 5580 OS Version: 6.1.7601 ServicePack: 1.0
23:35:44.0458 5580 Product type: Workstation
23:35:44.0458 5580 ComputerName: NICO-PC
23:35:44.0458 5580 UserName: Nico
23:35:44.0458 5580 Windows directory: C:\Windows
23:35:44.0458 5580 System windows directory: C:\Windows
23:35:44.0458 5580 Running under WOW64
23:35:44.0458 5580 Processor architecture: Intel x64
23:35:44.0458 5580 Number of processors: 8
23:35:44.0458 5580 Page size: 0x1000
23:35:44.0458 5580 Boot type: Normal boot
23:35:44.0458 5580 ============================================================
23:35:44.0646 5580 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:35:44.0646 5580 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:35:44.0662 5580 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:35:44.0662 5580 \Device\Harddisk0\DR0:
23:35:44.0662 5580 MBR used
23:35:44.0662 5580 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:35:44.0662 5580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D800
23:35:44.0662 5580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x683B6000
23:35:44.0662 5580 \Device\Harddisk1\DR1:
23:35:44.0662 5580 MBR used
23:35:44.0662 5580 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800
23:35:44.0662 5580 \Device\Harddisk2\DR2:
23:35:44.0662 5580 MBR used
23:35:44.0662 5580 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
23:35:44.0708 5580 Initialize success
23:35:44.0708 5580 ============================================================
23:35:44.0740 5716 ============================================================
23:35:44.0740 5716 Scan started
23:35:44.0740 5716 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
23:35:44.0740 5716 ============================================================
23:35:48.0194 5716 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:35:48.0225 5716 luafv - ok
23:35:48.0225 5716 LUsbFilt (29c733e1de824670dc9315cfc9bdbcd3) C:\Windows\system32\Drivers\LUsbFilt.Sys
23:35:48.0241 5716 LUsbFilt - ok
23:35:48.0241 5716 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:35:48.0256 5716 megasas - ok
23:35:48.0272 5716 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:35:48.0288 5716 MegaSR - ok
23:35:48.0288 5716 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:35:48.0319 5716 Modem - ok
23:35:48.0334 5716 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:35:48.0350 5716 monitor - ok
23:35:48.0350 5716 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:35:48.0366 5716 mouclass - ok
23:35:48.0381 5716 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:35:48.0381 5716 mouhid - ok
23:35:48.0397 5716 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:35:48.0397 5716 mountmgr - ok
23:35:48.0413 5716 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
23:35:48.0428 5716 MpFilter - ok
23:35:48.0444 5716 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:35:48.0459 5716 mpio - ok
23:35:48.0459 5716 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
23:35:48.0475 5716 MpNWMon - ok
23:35:48.0475 5716 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:35:48.0506 5716 mpsdrv - ok
23:35:48.0538 5716 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:35:48.0553 5716 MRxDAV - ok
23:35:48.0584 5716 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:35:48.0584 5716 mrxsmb - ok
23:35:48.0616 5716 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:35:48.0616 5716 mrxsmb10 - ok
23:35:48.0647 5716 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:35:48.0663 5716 mrxsmb20 - ok
23:35:48.0678 5716 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:35:48.0678 5716 msahci - ok
23:35:48.0694 5716 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:35:48.0694 5716 msdsm - ok
23:35:48.0709 5716 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:35:48.0741 5716 Msfs - ok
23:35:48.0756 5716 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:35:48.0788 5716 mshidkmdf - ok
23:35:48.0788 5716 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:35:48.0803 5716 msisadrv - ok
23:35:48.0819 5716 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:35:48.0834 5716 MSKSSRV - ok
23:35:48.0850 5716 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:35:48.0881 5716 MSPCLOCK - ok
23:35:48.0881 5716 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:35:48.0913 5716 MSPQM - ok
23:35:48.0928 5716 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:35:48.0944 5716 MsRPC - ok
23:35:48.0959 5716 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:35:48.0959 5716 mssmbios - ok
23:35:48.0975 5716 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:35:48.0991 5716 MSTEE - ok
23:35:49.0006 5716 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:35:49.0022 5716 MTConfig - ok
23:35:49.0022 5716 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:35:49.0038 5716 Mup - ok
23:35:49.0053 5716 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:35:49.0069 5716 NativeWifiP - ok
23:35:49.0100 5716 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:35:49.0116 5716 NDIS - ok
23:35:49.0131 5716 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:35:49.0147 5716 NdisCap - ok
23:35:49.0163 5716 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:35:49.0194 5716 NdisTapi - ok
23:35:49.0194 5716 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:35:49.0225 5716 Ndisuio - ok
23:35:49.0241 5716 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:35:49.0256 5716 NdisWan - ok
23:35:49.0272 5716 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:35:49.0303 5716 NDProxy - ok
23:35:49.0303 5716 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:35:49.0334 5716 NetBIOS - ok
23:35:49.0350 5716 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:35:49.0366 5716 NetBT - ok
23:35:49.0381 5716 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:35:49.0397 5716 nfrd960 - ok
23:35:49.0413 5716 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:35:49.0413 5716 NisDrv - ok
23:35:49.0428 5716 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:35:49.0459 5716 Npfs - ok
23:35:49.0459 5716 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:35:49.0491 5716 nsiproxy - ok
23:35:49.0538 5716 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:35:49.0584 5716 Ntfs - ok
23:35:49.0584 5716 ntk_PowerDVD (7420b2e1f65642129b6e23bd42f752aa) C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
23:35:49.0600 5716 ntk_PowerDVD - ok
23:35:49.0616 5716 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:35:49.0647 5716 Null - ok
23:35:49.0647 5716 nusb3hub (c25cc69829e976c67b34152334eeddd1) C:\Windows\system32\DRIVERS\nusb3hub.sys
23:35:49.0663 5716 nusb3hub - ok
23:35:49.0678 5716 nusb3xhc (20bc4b57a6dba0447adb3b623c200f8e) C:\Windows\system32\DRIVERS\nusb3xhc.sys
23:35:49.0678 5716 nusb3xhc - ok
23:35:49.0694 5716 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:35:49.0694 5716 nvraid - ok
23:35:49.0709 5716 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:35:49.0725 5716 nvstor - ok
23:35:49.0725 5716 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:35:49.0741 5716 nv_agp - ok
23:35:49.0756 5716 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:35:49.0756 5716 ohci1394 - ok
23:35:49.0788 5716 P17 (634347adebc790b8f07654a3ea8034fd) C:\Windows\system32\drivers\P17.sys
23:35:49.0803 5716 P17 - ok
23:35:49.0819 5716 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:35:49.0819 5716 Parport - ok
23:35:49.0834 5716 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
23:35:49.0850 5716 partmgr - ok
23:35:49.0866 5716 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:35:49.0881 5716 pci - ok
23:35:49.0897 5716 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:35:49.0913 5716 pciide - ok
23:35:49.0928 5716 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:35:49.0944 5716 pcmcia - ok
23:35:49.0959 5716 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:35:49.0975 5716 pcw - ok
23:35:50.0006 5716 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:35:50.0038 5716 PEAUTH - ok
23:35:50.0069 5716 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:35:50.0100 5716 PptpMiniport - ok
23:35:50.0100 5716 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:35:50.0116 5716 Processor - ok
23:35:50.0131 5716 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:35:50.0147 5716 Psched - ok
23:35:50.0178 5716 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:35:50.0209 5716 ql2300 - ok
23:35:50.0225 5716 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:35:50.0225 5716 ql40xx - ok
23:35:50.0241 5716 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:35:50.0256 5716 QWAVEdrv - ok
23:35:50.0272 5716 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:35:50.0303 5716 RasAcd - ok
23:35:50.0319 5716 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:35:50.0334 5716 RasAgileVpn - ok
23:35:50.0350 5716 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:35:50.0381 5716 Rasl2tp - ok
23:35:50.0397 5716 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:35:50.0413 5716 RasPppoe - ok
23:35:50.0428 5716 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:35:50.0459 5716 RasSstp - ok
23:35:50.0475 5716 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:35:50.0491 5716 rdbss - ok
23:35:50.0506 5716 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:35:50.0522 5716 rdpbus - ok
23:35:50.0538 5716 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:35:50.0569 5716 RDPCDD - ok
23:35:50.0584 5716 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
23:35:50.0600 5716 RDPDR - ok
23:35:50.0616 5716 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:35:50.0631 5716 RDPENCDD - ok
23:35:50.0647 5716 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:35:50.0678 5716 RDPREFMP - ok
23:35:50.0694 5716 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
23:35:50.0709 5716 RDPWD - ok
23:35:50.0725 5716 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:35:50.0741 5716 rdyboost - ok
23:35:50.0756 5716 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
23:35:50.0772 5716 RFCOMM - ok
23:35:50.0788 5716 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:35:50.0803 5716 rspndr - ok
23:35:50.0834 5716 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:35:50.0834 5716 RTL8167 - ok
23:35:50.0850 5716 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
23:35:50.0850 5716 s3cap - ok
23:35:50.0881 5716 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:35:50.0897 5716 sbp2port - ok
23:35:50.0913 5716 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:35:50.0928 5716 scfilter - ok
23:35:50.0944 5716 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:35:50.0975 5716 secdrv - ok
23:35:50.0991 5716 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:35:51.0006 5716 Serenum - ok
23:35:51.0006 5716 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:35:51.0022 5716 Serial - ok
23:35:51.0022 5716 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:35:51.0038 5716 sermouse - ok
23:35:51.0053 5716 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:35:51.0069 5716 sffdisk - ok
23:35:51.0069 5716 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:35:51.0084 5716 sffp_mmc - ok
23:35:51.0100 5716 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:35:51.0100 5716 sffp_sd - ok
23:35:51.0131 5716 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:35:51.0131 5716 sfloppy - ok
23:35:51.0147 5716 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:35:51.0163 5716 SiSRaid2 - ok
23:35:51.0178 5716 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:35:51.0178 5716 SiSRaid4 - ok
23:35:51.0194 5716 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:35:51.0225 5716 Smb - ok
23:35:51.0241 5716 snapman (446eb38ce4a6d040f548b2f547ca96ff) C:\Windows\system32\DRIVERS\snapman.sys
23:35:51.0241 5716 snapman - ok
23:35:51.0256 5716 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:35:51.0272 5716 spldr - ok
23:35:51.0288 5716 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:35:51.0288 5716 srv - ok
23:35:51.0303 5716 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:35:51.0319 5716 srv2 - ok
23:35:51.0334 5716 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:35:51.0350 5716 srvnet - ok
23:35:51.0350 5716 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
23:35:51.0366 5716 SSPORT - ok
23:35:51.0366 5716 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:35:51.0381 5716 stexstor - ok
23:35:51.0397 5716 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
23:35:51.0397 5716 storflt - ok
23:35:51.0413 5716 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
23:35:51.0413 5716 storvsc - ok
23:35:51.0428 5716 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:35:51.0428 5716 swenum - ok
23:35:51.0459 5716 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
23:35:51.0491 5716 Tcpip - ok
23:35:51.0522 5716 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
23:35:51.0553 5716 TCPIP6 - ok
23:35:51.0569 5716 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:35:51.0600 5716 tcpipreg - ok
23:35:51.0616 5716 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:35:51.0631 5716 TDPIPE - ok
23:35:51.0678 5716 tdrpman255 (5a1ce027712f76ad4c485e803db7d08c) C:\Windows\system32\DRIVERS\tdrpm255.sys
23:35:51.0709 5716 tdrpman255 - ok
23:35:51.0725 5716 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
23:35:51.0756 5716 TDTCP - ok
23:35:51.0772 5716 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:35:51.0803 5716 tdx - ok
23:35:51.0819 5716 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:35:51.0819 5716 TermDD - ok
23:35:51.0850 5716 timounter (f7546ead58cc3000ac02cf9529b9934e) C:\Windows\system32\DRIVERS\timntr.sys
23:35:51.0866 5716 timounter - ok
23:35:51.0881 5716 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:35:51.0913 5716 tssecsrv - ok
23:35:51.0913 5716 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:35:51.0928 5716 TsUsbFlt - ok
23:35:51.0944 5716 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:35:51.0959 5716 tunnel - ok
23:35:51.0975 5716 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:35:51.0991 5716 uagp35 - ok
23:35:51.0991 5716 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:35:52.0022 5716 udfs - ok
23:35:52.0038 5716 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:35:52.0038 5716 uliagpkx - ok
23:35:52.0053 5716 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
23:35:52.0069 5716 umbus - ok
23:35:52.0069 5716 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:35:52.0084 5716 UmPass - ok
23:35:52.0100 5716 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
23:35:52.0100 5716 USBAAPL64 - ok
23:35:52.0116 5716 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:35:52.0131 5716 usbccgp - ok
23:35:52.0131 5716 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:35:52.0147 5716 usbcir - ok
23:35:52.0163 5716 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:35:52.0178 5716 usbehci - ok
23:35:52.0194 5716 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:35:52.0194 5716 usbhub - ok
23:35:52.0209 5716 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:35:52.0225 5716 usbohci - ok
23:35:52.0241 5716 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:35:52.0256 5716 usbprint - ok
23:35:52.0272 5716 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:35:52.0288 5716 usbscan - ok
23:35:52.0288 5716 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:35:52.0303 5716 USBSTOR - ok
23:35:52.0319 5716 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
23:35:52.0319 5716 usbuhci - ok
23:35:52.0334 5716 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:35:52.0350 5716 vdrvroot - ok
23:35:52.0366 5716 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:35:52.0381 5716 vga - ok
23:35:52.0397 5716 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:35:52.0428 5716 VgaSave - ok
23:35:52.0428 5716 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:35:52.0444 5716 vhdmp - ok
23:35:52.0459 5716 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:35:52.0459 5716 viaide - ok
23:35:52.0491 5716 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
23:35:52.0506 5716 vmbus - ok
23:35:52.0522 5716 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
23:35:52.0569 5716 VMBusHID - ok
23:35:52.0584 5716 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:35:52.0600 5716 volmgr - ok
23:35:52.0616 5716 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:35:52.0616 5716 volmgrx - ok
23:35:52.0631 5716 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:35:52.0647 5716 volsnap - ok
23:35:52.0663 5716 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
23:35:52.0663 5716 vpcbus - ok
23:35:52.0678 5716 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
23:35:52.0694 5716 vpcnfltr - ok
23:35:52.0709 5716 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
23:35:52.0709 5716 vpcusb - ok
23:35:52.0725 5716 vpcuxd (63f4e10873beb4124028c6d1a66b0968) C:\Windows\system32\DRIVERS\vpcuxd.sys
23:35:52.0741 5716 vpcuxd - ok
23:35:52.0756 5716 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
23:35:52.0772 5716 vpcvmm - ok
23:35:52.0788 5716 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:35:52.0788 5716 vsmraid - ok
23:35:52.0803 5716 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
23:35:52.0819 5716 vwifibus - ok
23:35:52.0834 5716 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:35:52.0834 5716 WacomPen - ok
23:35:52.0850 5716 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:35:52.0881 5716 WANARP - ok
23:35:52.0881 5716 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:35:52.0897 5716 Wanarpv6 - ok
23:35:52.0928 5716 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:35:52.0928 5716 Wd - ok
23:35:52.0944 5716 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
23:35:52.0944 5716 WDC_SAM - ok
23:35:52.0959 5716 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:35:52.0975 5716 Wdf01000 - ok
23:35:53.0006 5716 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:35:53.0022 5716 WfpLwf - ok
23:35:53.0038 5716 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:35:53.0038 5716 WIMMount - ok
23:35:53.0069 5716 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
23:35:53.0084 5716 WinUsb - ok
23:35:53.0084 5716 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:35:53.0100 5716 WmiAcpi - ok
23:35:53.0116 5716 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:35:53.0147 5716 ws2ifsl - ok
23:35:53.0163 5716 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:35:53.0194 5716 WudfPf - ok
23:35:53.0194 5716 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:35:53.0225 5716 WUDFRd - ok
23:35:53.0241 5716 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (1870a74ee2901ca09ffbfe79a5ee0e94) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
23:35:53.0241 5716 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
23:35:53.0350 5716 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:35:53.0850 5716 \Device\Harddisk0\DR0 - ok
23:35:53.0850 5716 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
23:35:53.0866 5716 \Device\Harddisk1\DR1 - ok
23:35:53.0866 5716 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
23:35:53.0897 5716 \Device\Harddisk2\DR2 - ok
23:35:53.0897 5716 Boot (0x1200) (f69857d7f3642abf55f6fd184713e3df) \Device\Harddisk0\DR0\Partition0
23:35:53.0897 5716 \Device\Harddisk0\DR0\Partition0 - ok
23:35:53.0897 5716 Boot (0x1200) (680a4bb76e237684b92ae6593dc546e0) \Device\Harddisk0\DR0\Partition1
23:35:53.0897 5716 \Device\Harddisk0\DR0\Partition1 - ok
23:35:53.0897 5716 Boot (0x1200) (66c67a03c135113bdf3016fa97c7d11c) \Device\Harddisk0\DR0\Partition2
23:35:53.0897 5716 \Device\Harddisk0\DR0\Partition2 - ok
23:35:53.0897 5716 Boot (0x1200) (34b720c963a42fa1e50e36df239d8bdd) \Device\Harddisk1\DR1\Partition0
23:35:53.0897 5716 \Device\Harddisk1\DR1\Partition0 - ok
23:35:53.0897 5716 Boot (0x1200) (738560f7b9ff8f74bb2e827fb2b1702d) \Device\Harddisk2\DR2\Partition0
23:35:53.0897 5716 \Device\Harddisk2\DR2\Partition0 - ok
23:35:53.0897 5716 ============================================================
23:35:53.0897 5716 Scan finished
23:35:53.0897 5716 ============================================================
23:35:54.0413 3644 Deinitialize success
==============================================
System Restore Point Check:
TDSSKiller Starter Restore Point Created Succesfully
==============================================
Older logs
==============================================
C:\TDSSStarter\Report_04-03-2012_2319_.log
==============================================
EOF
ComboFix 12-03-04.01 - Nico 04-03-2012 23:29:44.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.6135.4390 [GMT 1:00]
Gestart vanuit: c:\users\Nico\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-02-04 to 2012-03-04 ))))))))))))))))))))))))))))))
.
.
2012-03-04 22:32 . 2012-03-04 22:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-04 22:19 . 2012-03-04 22:19 -------- d-----w- C:\TDSSStarter
2012-03-04 14:36 . 2012-03-04 14:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-04 14:36 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-04 09:26 . 2012-03-04 09:26 388096 ----a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-04 09:26 . 2012-03-04 09:26 -------- d-----w- c:\program files (x86)\Trend Micro
2012-03-04 09:24 . 2012-03-04 09:24 484664 ----a-w- c:\program files\hijackthis-s32-downloader.exe
2012-03-04 08:58 . 2012-03-04 08:58 -------- d-----w- c:\program files (x86)\Common Files\Innovative Solutions
2012-03-04 08:58 . 2009-11-05 15:36 47984 ----a-w- c:\windows\SysWow64\AdvUninstCPL.cpl
2012-03-04 08:57 . 2012-03-04 08:58 -------- d-----w- c:\programdata\Innovative Solutions
2012-03-04 08:41 . 2012-03-04 08:41 -------- d-----w- c:\programdata\PC Tools
2012-03-04 08:41 . 2012-03-04 08:41 -------- d-----w- c:\users\Nico\AppData\Roaming\TestApp
2012-03-04 08:20 . 2012-03-04 08:20 -------- d-----w- c:\programdata\Binarysense
2012-03-04 08:18 . 2012-03-04 08:18 -------- d-----w- c:\program files (x86)\BinarySense
2012-03-04 08:07 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB4B815E-872A-4D17-A182-3BF4DB650E45}\mpengine.dll
2012-02-26 15:22 . 2009-12-07 18:53 117504 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-02-26 15:22 . 2009-12-07 18:36 246224 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-02-26 15:22 . 2009-10-12 14:23 114304 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2012-02-26 15:22 . 2007-08-09 03:10 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-02-26 15:22 . 2012-02-26 15:23 -------- d-----w- c:\program files (x86)\Mobile Partner
2012-02-26 15:11 . 2012-02-26 15:11 -------- d-----w- c:\program files (x86)\Xirrus
2012-02-26 07:18 . 2012-02-26 07:18 -------- d-----w- c:\users\Nico\AppData\Local\MetaGeek,_LLC
2012-02-25 21:33 . 2012-02-25 21:33 -------- d-----w- c:\program files (x86)\MetaGeek
2012-02-24 21:55 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll
2012-02-24 21:55 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2012-02-24 21:55 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2012-02-24 21:55 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2012-02-24 21:55 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2012-02-24 21:55 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2012-02-20 19:56 . 2012-02-20 19:56 -------- d-----w- c:\users\Nico\AppData\Roaming\CyberLink
2012-02-20 19:55 . 2012-02-20 19:55 -------- d-----w- c:\programdata\PDVD
2012-02-20 19:54 . 2012-02-20 19:57 -------- d-----w- c:\programdata\CyberLink
2012-02-20 19:54 . 2012-02-20 19:54 -------- d-----w- c:\users\Nico\AppData\Local\MediaServer
2012-02-20 19:54 . 2012-02-20 19:54 -------- d-----w- c:\program files (x86)\CyberLink
2012-02-20 19:53 . 2012-02-20 19:54 -------- d-----w- c:\programdata\install_clap
2012-02-19 20:50 . 2012-02-19 20:54 -------- d-----w- c:\users\Nico\AppData\Roaming\TeamViewer
2012-02-19 07:21 . 2012-02-19 07:21 -------- d-----w- c:\users\Nico\AppData\Roaming\Downloaded Installations
2012-02-15 21:04 . 2012-02-15 21:04 -------- d-----w- c:\programdata\4Videosoft Studio
2012-02-15 21:03 . 2012-02-15 21:03 -------- d-----w- c:\program files (x86)\4Videosoft Studio
2012-02-15 20:58 . 2012-02-15 20:58 -------- d-----w- c:\users\Nico\AppData\Roaming\WinAVI
2012-02-15 20:58 . 2012-02-15 20:58 -------- d-----w- c:\users\Nico\AppData\Local\WinAVI
2012-02-15 20:58 . 2012-02-15 21:08 -------- d-----w- c:\program files (x86)\WinAVI
2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\programdata\Nero
2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\program files (x86)\Nero
2012-02-15 20:43 . 2012-02-15 20:43 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2012-02-15 07:01 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 07:01 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-15 07:01 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 07:01 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-15 07:01 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 07:01 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-15 07:01 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 07:01 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-14 16:23 . 2012-02-14 16:23 -------- d-----w- C:\Need4Video files
2012-02-14 16:20 . 2012-02-14 16:20 -------- d-----w- c:\program files (x86)\Need4 Video Converter 9
2012-02-14 15:50 . 2012-02-14 15:50 -------- d-----w- c:\users\Nico\AppData\Local\Western Digital
2012-02-14 11:36 . 2012-02-14 11:36 -------- d-----w- c:\users\Nico\AppData\Roaming\AVS4YOU
2012-02-14 11:32 . 2012-02-14 11:37 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
2012-02-14 11:32 . 2012-02-14 11:37 -------- d-----w- c:\program files (x86)\AVS4YOU
2012-02-14 11:32 . 2012-02-14 11:36 -------- d-----w- c:\programdata\AVS4YOU
2012-02-14 11:32 . 2011-08-22 15:33 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2012-02-14 11:32 . 2011-08-22 15:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-02-14 11:20 . 2012-02-14 11:22 -------- d-----w- c:\users\Nico\AppData\Local\Ahead
2012-02-14 11:19 . 2012-02-15 21:22 -------- d-----w- c:\users\Nico\AppData\Roaming\Ahead
2012-02-14 11:19 . 2012-02-14 11:19 -------- d-----w- c:\programdata\Ahead
2012-02-11 10:50 . 2012-02-11 10:50 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0D14A808-BD25-41E3-94DF-A603DD648E24}\gapaengine.dll
2012-02-11 10:50 . 2011-12-31 17:55 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-02-09 19:37 . 2012-02-09 19:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-02-09 19:37 . 2012-02-09 19:38 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-02-09 11:10 . 2012-02-09 11:11 -------- d-----w- c:\users\Nico\AppData\Roaming\tiger-k
2012-02-09 11:10 . 2012-02-09 11:10 -------- d-----w- c:\users\Nico\AppData\Roaming\Leawo
2012-02-09 11:08 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2012-02-09 11:08 . 2012-02-09 11:08 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2012-02-09 11:08 . 2008-10-28 09:10 139264 ----a-w- c:\windows\SysWow64\xvid.ax
2012-02-09 11:08 . 2008-10-08 08:45 606208 ----a-w- c:\windows\SysWow64\xvidcore.dll
2012-02-09 08:41 . 2012-02-09 08:41 -------- d-----w- c:\program files (x86)\Productivity_3.1
2012-02-05 18:59 . 2012-02-05 18:59 -------- d-----w- c:\programdata\InstallShield
2012-02-05 18:59 . 2012-02-05 18:59 -------- d-----w- c:\program files (x86)\Common Files\InstallShield Shared
2012-02-04 11:42 . 2012-02-04 11:42 -------- d-----w- c:\program files (x86)\Alex
2012-02-04 11:35 . 2012-02-04 11:35 -------- d-----w- c:\windows\system32\appmgmt
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-29 06:36 . 2011-12-31 19:09 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-08 07:13 . 2012-01-01 14:25 8643640 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2011-12-31 16:50 279656 ——w- c:\windows\system32\MpSigStub.exe
2012-01-02 07:56 . 2012-01-02 07:56 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-01 15:36 . 2011-12-31 17:53 18960 —-a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-01-01 15:20 . 2012-01-01 15:20 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-01-01 15:20 . 2012-01-01 15:20 882512 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-01 09:37 . 2012-01-01 09:37 250464 —-a-w- c:\windows\system32\drivers\afcdp.sys
2012-01-01 09:37 . 2012-01-01 09:37 1477152 —-a-w- c:\windows\system32\drivers\tdrpm255.sys
2012-01-01 09:37 . 2012-01-01 09:37 929312 —-a-w- c:\windows\system32\drivers\timntr.sys
2012-01-01 09:37 . 2012-01-01 09:37 254496 —-a-w- c:\windows\system32\drivers\snapman.sys
2011-12-31 18:13 . 2009-07-14 02:36 175616 —-a-w- c:\windows\system32\msclmd.dll
2011-12-31 18:13 . 2009-07-14 02:36 152576 —-a-w- c:\windows\SysWow64\msclmd.dll
2011-12-31 17:54 . 2011-12-31 17:54 53248 —-a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-12-31 16:39 . 2011-12-31 16:39 91648 —-a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-31 16:39 . 2011-12-31 16:39 89088 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-31 16:39 . 2011-12-31 16:39 86528 —-a-w- c:\windows\SysWow64\iesysprep.dll
2011-12-31 16:39 . 2011-12-31 16:39 85504 —-a-w- c:\windows\system32\iesetup.dll
2011-12-31 16:39 . 2011-12-31 16:39 76800 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-12-31 16:39 . 2011-12-31 16:39 76800 —-a-w- c:\windows\system32\tdc.ocx
2011-12-31 16:39 . 2011-12-31 16:39 74752 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-12-31 16:39 . 2011-12-31 16:39 74752 —-a-w- c:\windows\SysWow64\iesetup.dll
2011-12-31 16:39 . 2011-12-31 16:39 63488 —-a-w- c:\windows\SysWow64\tdc.ocx
2011-12-31 16:39 . 2011-12-31 16:39 603648 —-a-w- c:\windows\system32\vbscript.dll
2011-12-31 16:39 . 2011-12-31 16:39 49664 —-a-w- c:\windows\system32\imgutil.dll
2011-12-31 16:39 . 2011-12-31 16:39 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll
2011-12-31 16:39 . 2011-12-31 16:39 48640 —-a-w- c:\windows\system32\mshtmler.dll
2011-12-31 16:39 . 2011-12-31 16:39 448512 —-a-w- c:\windows\system32\html.iec
2011-12-31 16:39 . 2011-12-31 16:39 420864 —-a-w- c:\windows\SysWow64\vbscript.dll
2011-12-31 16:39 . 2011-12-31 16:39 367104 —-a-w- c:\windows\SysWow64\html.iec
2011-12-31 16:39 . 2011-12-31 16:39 35840 —-a-w- c:\windows\SysWow64\imgutil.dll
2011-12-31 16:39 . 2011-12-31 16:39 30720 —-a-w- c:\windows\system32\licmgr10.dll
2011-12-31 16:39 . 2011-12-31 16:39 23552 —-a-w- c:\windows\SysWow64\licmgr10.dll
2011-12-31 16:39 . 2011-12-31 16:39 222208 —-a-w- c:\windows\system32\msls31.dll
2011-12-31 16:39 . 2011-12-31 16:39 173056 —-a-w- c:\windows\system32\ieUnatt.exe
2011-12-31 16:39 . 2011-12-31 16:39 165888 —-a-w- c:\windows\system32\iexpress.exe
2011-12-31 16:39 . 2011-12-31 16:39 161792 —-a-w- c:\windows\SysWow64\msls31.dll
2011-12-31 16:39 . 2011-12-31 16:39 160256 —-a-w- c:\windows\system32\wextract.exe
2011-12-31 16:39 . 2011-12-31 16:39 152064 —-a-w- c:\windows\SysWow64\wextract.exe
2011-12-31 16:39 . 2011-12-31 16:39 150528 —-a-w- c:\windows\SysWow64\iexpress.exe
2011-12-31 16:39 . 2011-12-31 16:39 142848 —-a-w- c:\windows\SysWow64\ieUnatt.exe
2011-12-31 16:39 . 2011-12-31 16:39 135168 —-a-w- c:\windows\system32\IEAdvpack.dll
2011-12-31 16:39 . 2011-12-31 16:39 12288 —-a-w- c:\windows\system32\mshta.exe
2011-12-31 16:39 . 2011-12-31 16:39 11776 —-a-w- c:\windows\SysWow64\mshta.exe
2011-12-31 16:39 . 2011-12-31 16:39 114176 —-a-w- c:\windows\system32\admparse.dll
2011-12-31 16:39 . 2011-12-31 16:39 111616 —-a-w- c:\windows\system32\iesysprep.dll
2011-12-31 16:39 . 2011-12-31 16:39 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-12-31 16:39 . 2011-12-31 16:39 101888 —-a-w- c:\windows\SysWow64\admparse.dll
2011-12-31 15:59 . 2011-12-31 15:59 419840 —-a-w- c:\windows\system32\wrap_oal.dll
2011-12-31 15:59 . 2011-12-31 15:59 413696 —-a-w- c:\windows\SysWow64\wrap_oal.dll
2011-12-31 15:59 . 2011-12-31 15:59 133632 —-a-w- c:\windows\system32\OpenAL32.dll
2011-12-31 15:59 . 2011-12-31 15:59 110592 —-a-w- c:\windows\SysWow64\OpenAL32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-29 14:26 3908192 —-a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-29 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 —-a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 —-a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 —-a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 —-a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-31 39408]
"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-03-02 8557464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-11-13 5075776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"anysee CNO"="c:\program files (x86)\anysee\Driver\CNO.EXE" [2010-12-08 1273856]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-05-19 234792]
.
c:\users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SABnzbd.lnk - c:\program files (x86)\SABnzbd\SABnzbd.exe [2011-12-9 350208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-31 79360]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vpcuxd;Stubservice voor USB-virtualisatie;c:\windows\system32\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);c:\windows\system32\DRIVERS\tdrpm255.sys [x]
S1 AMTBDA_P861F;anysee Capture Service;c:\windows\system32\DRIVERS\anyseeTU.SYS [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/02/20 20:55];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-05-20 14:31 148976]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-01 2475952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-05-19 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-05-12 70952]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-05-12 312616]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-05-19 75248]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
— Andere Services/Drivers In Geheugen —
.
*NewlyCreated* - 92553294
*Deregistered* - 92553294
.
Inhoud van de 'Gedeelde Taken' map
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06]
.
.
——— x86-64 ———–
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 —-a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HK
- Zoek.exe Version 2.0.0.9 Updated 04-March-2012
Tool run by Nico on ma 05-03-2012 at 19:44:16,72.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running from: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5575LC1\zoek.exe
==== Folders Found ======================
2012-03-04 08:41:03 2012-03-04 08:41:03 ——– d—–w- C:\ProgramData\PC Tools
2012-03-04 08:41:03 2012-03-04 08:41:03 ——– d—–w- C:\Users\All Users\PC Tools
==== Files Found ======================
- There is a PCTools folder in your Windows.
Have you ever used this security software?
Now also do the following: the ESET online scan (Click).
* Click the ESET Online Scanner button
* Tick YES, I accept the Terms of Use
* Click Start
* Allow the ActiveX control to install.
* Tick the following options:
  * Remove found threats
  * Scan archives
* Then click
- I can't find that pctools, though.
And no, I don't use it; it is probably somewhere on an external drive.
In any case it is not installed, as far as I can tell.
- Then let's go and search:
Which program: Zoek.exe
What for/why: multifunctional tool
Difficulty: none.
Download: zoek.exe
Using "Zoek.exe":
- Yes, found it. Shall I just delete it?
It is under programdata
- ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=5aa199a374dafc498c151a7377bece71
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-05 06:47:31
# local_time=2012-03-05 07:47:31 (+0100, West-Europa (standaardtijd))
# country="Netherlands"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 117785 117785 0 0
# compatibility_mode=5893 16776574 100 94 70318 82597237 0 0
# compatibility_mode=8192 67108863 100 0 3794 3794 0 0
# scanned=181772
# found=1
# cleaned=1
# scan_time=5864
F:\Newsleecher Downloads\Advanced Uninstaller PROv1057(2012)-banDulu\Advanced_Uninstaller10.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
- It is starting to look good by now.
Using "Zoek.exe by Smeenk":
- Zoek.exe Version 2.0.0.9 Updated 04-March-2012
Tool run by Nico on ma 05-03-2012 at 21:17:06,40.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running from: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\388BECAG\zoek.exe
==== Deleting Files \ Folders ======================
"C:\Users\All Users\PC Tools" deleted
"C:\Users\All Users\PC Tools\DownloadManager" deleted
"C:\Users\All Users\PC Tools\DownloadManager\Security" deleted
"C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0" deleted
"C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD" deleted
"C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRM" deleted
"C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRMA" deleted
"C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRM\1" deleted
"C:\Users\All Users\PC Tools\DownloadManager\Security\7.0.0.0\SD\NRMA\17" delete
- Hmm, so PCTools has not been completely removed yet.
Make sure all open web browser windows are closed.
Open a new Notepad (Kladblok) file via "Start\Alle programma’s\Bureau-accessoires\Kladblok (or Notepad)".
Copy and paste the following (bold, blue) text into the empty Notepad window
- ComboFix 12-03-04.01 - Nico 06-03-2012 16:30:31.3.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.6135.4477 [GMT 1:00]
Gestart vanuit: c:\users\Nico\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Nico\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-02-06 to 2012-03-06 ))))))))))))))))))))))))))))))
.
.
2012-03-06 15:33 . 2012-03-06 15:33 ——– d—–w- c:\users\Default\AppData\Local\temp
2012-03-05 20:33 . 2012-02-08 07:13 8643640 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38F93891-5235-468D-A92A-53D48EF295AE}\mpengine.dll
2012-03-05 18:44 . 2012-03-05 18:44 ——– d—–w- c:\users\Nico\AppData\Roaming\Gena01
2012-03-05 18:11 . 2012-03-05 18:11 ——– d—–w- c:\users\Nico\AppData\Local\CyberLink
2012-03-05 17:06 . 2012-03-05 17:06 ——– d—–w- c:\program files (x86)\ESET
2012-03-04 22:19 . 2012-03-04 22:35 ——– d—–w- C:\TDSSStarter
2012-03-04 14:36 . 2012-03-04 14:36 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-04 14:36 . 2011-12-10 14:24 23152 —-a-w- c:\windows\system32\drivers\mbam.sys
2012-03-04 09:26 . 2012-03-04 09:26 388096 —-a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-04 09:26 . 2012-03-04 09:26 ——– d—–w- c:\program files (x86)\Trend Micro
2012-03-04 09:24 . 2012-03-04 09:24 484664 —-a-w- c:\program files\hijackthis-s32-downloader.exe
2012-03-04 08:58 . 2012-03-04 08:58 ——– d—–w- c:\program files (x86)\Common Files\Innovative Solutions
2012-03-04 08:58 . 2009-11-05 15:36 47984 —-a-w- c:\windows\SysWow64\AdvUninstCPL.cpl
2012-03-04 08:57 . 2012-03-04 08:58 ——– d—–w- c:\programdata\Innovative Solutions
2012-03-04 08:41 . 2012-03-04 08:41 ——– d—–w- c:\users\Nico\AppData\Roaming\TestApp
2012-03-04 08:20 . 2012-03-04 08:20 ——– d—–w- c:\programdata\Binarysense
2012-03-04 08:18 . 2012-03-04 08:18 ——– d—–w- c:\program files (x86)\BinarySense
2012-02-26 15:22 . 2009-12-07 18:53 117504 —-a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-02-26 15:22 . 2009-12-07 18:36 246224 —-a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-02-26 15:22 . 2009-10-12 14:23 114304 —-a-w- c:\windows\system32\drivers\ewusbdev.sys
2012-02-26 15:22 . 2007-08-09 03:10 29696 —-a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-02-26 15:22 . 2012-02-26 15:23 ——– d—–w- c:\program files (x86)\Mobile Partner
2012-02-26 15:11 . 2012-02-26 15:11 ——– d—–w- c:\program files (x86)\Xirrus
2012-02-26 07:18 . 2012-02-26 07:18 ——– d—–w- c:\users\Nico\AppData\Local\MetaGeek,_LLC
2012-02-25 21:33 . 2012-02-25 21:33 ——– d—–w- c:\program files (x86)\MetaGeek
2012-02-24 21:55 . 2010-05-26 10:41 470880 —-a-w- c:\windows\SysWow64\d3dx10_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 248672 —-a-w- c:\windows\SysWow64\d3dx11_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 2106216 —-a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 1998168 —-a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-02-24 21:55 . 2010-05-26 10:41 1868128 —-a-w- c:\windows\SysWow64\d3dcsx_43.dll
2012-02-24 21:55 . 2009-09-04 16:29 1974616 —-a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2012-02-24 21:55 . 2009-09-04 16:29 1892184 —-a-w- c:\windows\SysWow64\D3DX9_42.dll
2012-02-24 21:55 . 2008-10-15 05:22 4379984 —-a-w- c:\windows\SysWow64\D3DX9_40.dll
2012-02-24 21:55 . 2007-07-19 17:14 3727720 —-a-w- c:\windows\SysWow64\d3dx9_35.dll
2012-02-24 21:55 . 2007-05-16 15:45 3497832 —-a-w- c:\windows\SysWow64\d3dx9_34.dll
2012-02-20 19:56 . 2012-02-20 19:56 ——– d—–w- c:\users\Nico\AppData\Roaming\CyberLink
2012-02-20 19:55 . 2012-02-20 19:55 ——– d—–w- c:\programdata\PDVD
2012-02-20 19:54 . 2012-02-20 19:57 ——– d—–w- c:\programdata\CyberLink
2012-02-20 19:54 . 2012-02-20 19:54 ——– d—–w- c:\users\Nico\AppData\Local\MediaServer
2012-02-20 19:54 . 2012-02-20 19:54 ——– d—–w- c:\program files (x86)\CyberLink
2012-02-20 19:53 . 2012-02-20 19:54 ——– d—–w- c:\programdata\install_clap
2012-02-19 20:50 . 2012-02-19 20:54 ——– d—–w- c:\users\Nico\AppData\Roaming\TeamViewer
2012-02-19 07:21 . 2012-02-19 07:21 ——– d—–w- c:\users\Nico\AppData\Roaming\Downloaded Installations
2012-02-15 21:04 . 2012-02-15 21:04 ——– d—–w- c:\programdata\4Videosoft Studio
2012-02-15 21:03 . 2012-02-15 21:03 ——– d—–w- c:\program files (x86)\4Videosoft Studio
2012-02-15 20:58 . 2012-02-15 20:58 ——– d—–w- c:\users\Nico\AppData\Roaming\WinAVI
2012-02-15 20:58 . 2012-02-15 20:58 ——– d—–w- c:\users\Nico\AppData\Local\WinAVI
2012-02-15 20:58 . 2012-02-15 21:08 ——– d—–w- c:\program files (x86)\WinAVI
2012-02-15 20:43 . 2012-02-15 20:43 ——– d—–w- c:\programdata\Nero
2012-02-15 20:43 . 2012-02-15 20:43 ——– d—–w- c:\program files (x86)\Nero
2012-02-15 20:43 . 2012-02-15 20:43 ——– d—–w- c:\program files (x86)\Common Files\Ahead
2012-02-15 07:01 . 2012-01-04 10:44 509952 —-a-w- c:\windows\system32\ntshrui.dll
2012-02-15 07:01 . 2012-01-04 08:58 442880 —-a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-15 07:01 . 2011-12-30 06:26 515584 —-a-w- c:\windows\system32\timedate.cpl
2012-02-15 07:01 . 2011-12-30 05:27 478720 —-a-w- c:\windows\SysWow64\timedate.cpl
2012-02-15 07:01 . 2012-01-14 04:06 3145728 —-a-w- c:\windows\system32\win32k.sys
2012-02-15 07:01 . 2011-12-28 03:59 498688 —-a-w- c:\windows\system32\drivers\afd.sys
2012-02-15 07:01 . 2011-12-16 08:46 634880 —-a-w- c:\windows\system32\msvcrt.dll
2012-02-15 07:01 . 2011-12-16 07:52 690688 —-a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-14 16:23 . 2012-02-14 16:23 ——– d—–w- C:\Need4Video files
2012-02-14 16:20 . 2012-02-14 16:20 ——– d—–w- c:\program files (x86)\Need4 Video Converter 9
2012-02-14 15:50 . 2012-02-14 15:50 ——– d—–w- c:\users\Nico\AppData\Local\Western Digital
2012-02-14 11:36 . 2012-02-14 11:36 ——– d—–w- c:\users\Nico\AppData\Roaming\AVS4YOU
2012-02-14 11:32 . 2012-02-14 11:37 ——– d—–w- c:\program files (x86)\Common Files\AVSMedia
2012-02-14 11:32 . 2012-02-14 11:37 ——– d—–w- c:\program files (x86)\AVS4YOU
2012-02-14 11:32 . 2012-02-14 11:36 ——– d—–w- c:\programdata\AVS4YOU
2012-02-14 11:32 . 2011-08-22 15:33 1700352 —-a-w- c:\windows\SysWow64\GdiPlus.dll
2012-02-14 11:32 . 2011-08-22 15:32 24576 —-a-w- c:\windows\SysWow64\msxml3a.dll
2012-02-14 11:20 . 2012-02-14 11:22 ——– d—–w- c:\users\Nico\AppData\Local\Ahead
2012-02-14 11:19 . 2012-03-05 19:20 ——– d—–w- c:\users\Nico\AppData\Roaming\Ahead
2012-02-14 11:19 . 2012-02-14 11:19 ——– d—–w- c:\programdata\Ahead
2012-02-11 10:50 . 2012-02-11 10:50 927800 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0D14A808-BD25-41E3-94DF-A603DD648E24}\gapaengine.dll
2012-02-11 10:50 . 2011-12-31 17:55 917840 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-02-09 19:37 . 2012-02-09 19:54 ——– d—–w- c:\programdata\Spybot - Search & Destroy
2012-02-09 19:37 . 2012-02-09 19:38 ——– d—–w- c:\program files (x86)\Spybot - Search & Destroy
2012-02-09 11:10 . 2012-02-09 11:11 ——– d—–w- c:\users\Nico\AppData\Roaming\tiger-k
2012-02-09 11:10 . 2012-02-09 11:10 ——– d—–w- c:\users\Nico\AppData\Roaming\Leawo
2012-02-09 11:08 . 2011-03-02 10:43 175616 —-a-w- c:\windows\SysWow64\unrar.dll
2012-02-09 11:08 . 2012-02-09 11:08 ——– d—–w- c:\program files (x86)\K-Lite Codec Pack
2012-02-09 11:08 . 2008-10-28 09:10 139264 —-a-w- c:\windows\SysWow64\xvid.ax
2012-02-09 11:08 . 2008-10-08 08:45 606208 —-a-w- c:\windows\SysWow64\xvidcore.dll
2012-02-09 08:41 . 2012-02-09 08:41 ——– d—–w- c:\program files (x86)\Productivity_3.1
2012-02-05 18:59 . 2012-02-05 18:59 ——– d—–w- c:\programdata\InstallShield
2012-02-05 18:59 . 2012-02-05 18:59 ——– d—–w- c:\program files (x86)\Common Files\InstallShield Shared
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-29 06:36 . 2011-12-31 19:09 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-08 07:13 . 2012-01-01 14:25 8643640 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2011-12-31 16:50 279656 ——w- c:\windows\system32\MpSigStub.exe
2012-01-02 07:56 . 2012-01-02 07:56 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-01 15:36 . 2011-12-31 17:53 18960 —-a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-01-01 15:20 . 2012-01-01 15:20 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-01-01 15:20 . 2012-01-01 15:20 882512 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-01 09:37 . 2012-01-01 09:37 250464 —-a-w- c:\windows\system32\drivers\afcdp.sys
2012-01-01 09:37 . 2012-01-01 09:37 1477152 —-a-w- c:\windows\system32\drivers\tdrpm255.sys
2012-01-01 09:37 . 2012-01-01 09:37 929312 —-a-w- c:\windows\system32\drivers\timntr.sys
2012-01-01 09:37 . 2012-01-01 09:37 254496 —-a-w- c:\windows\system32\drivers\snapman.sys
2011-12-31 18:13 . 2009-07-14 02:36 175616 —-a-w- c:\windows\system32\msclmd.dll
2011-12-31 18:13 . 2009-07-14 02:36 152576 —-a-w- c:\windows\SysWow64\msclmd.dll
2011-12-31 17:54 . 2011-12-31 17:54 53248 —-a-r- c:\users\Nico\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-12-31 16:39 . 2011-12-31 16:39 91648 —-a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-31 16:39 . 2011-12-31 16:39 89088 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-31 16:39 . 2011-12-31 16:39 86528 —-a-w- c:\windows\SysWow64\iesysprep.dll
2011-12-31 16:39 . 2011-12-31 16:39 85504 —-a-w- c:\windows\system32\iesetup.dll
2011-12-31 16:39 . 2011-12-31 16:39 76800 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-12-31 16:39 . 2011-12-31 16:39 76800 —-a-w- c:\windows\system32\tdc.ocx
2011-12-31 16:39 . 2011-12-31 16:39 74752 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-12-31 16:39 . 2011-12-31 16:39 74752 —-a-w- c:\windows\SysWow64\iesetup.dll
2011-12-31 16:39 . 2011-12-31 16:39 63488 —-a-w- c:\windows\SysWow64\tdc.ocx
2011-12-31 16:39 . 2011-12-31 16:39 603648 —-a-w- c:\windows\system32\vbscript.dll
2011-12-31 16:39 . 2011-12-31 16:39 49664 —-a-w- c:\windows\system32\imgutil.dll
2011-12-31 16:39 . 2011-12-31 16:39 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll
2011-12-31 16:39 . 2011-12-31 16:39 48640 —-a-w- c:\windows\system32\mshtmler.dll
2011-12-31 16:39 . 2011-12-31 16:39 448512 —-a-w- c:\windows\system32\html.iec
2011-12-31 16:39 . 2011-12-31 16:39 420864 —-a-w- c:\windows\SysWow64\vbscript.dll
2011-12-31 16:39 . 2011-12-31 16:39 367104 —-a-w- c:\windows\SysWow64\html.iec
2011-12-31 16:39 . 2011-12-31 16:39 35840 —-a-w- c:\windows\SysWow64\imgutil.dll
2011-12-31 16:39 . 2011-12-31 16:39 30720 —-a-w- c:\windows\system32\licmgr10.dll
2011-12-31 16:39 . 2011-12-31 16:39 23552 —-a-w- c:\windows\SysWow64\licmgr10.dll
2011-12-31 16:39 . 2011-12-31 16:39 222208 —-a-w- c:\windows\system32\msls31.dll
2011-12-31 16:39 . 2011-12-31 16:39 173056 —-a-w- c:\windows\system32\ieUnatt.exe
2011-12-31 16:39 . 2011-12-31 16:39 165888 —-a-w- c:\windows\system32\iexpress.exe
2011-12-31 16:39 . 2011-12-31 16:39 161792 —-a-w- c:\windows\SysWow64\msls31.dll
2011-12-31 16:39 . 2011-12-31 16:39 160256 —-a-w- c:\windows\system32\wextract.exe
2011-12-31 16:39 . 2011-12-31 16:39 152064 —-a-w- c:\windows\SysWow64\wextract.exe
2011-12-31 16:39 . 2011-12-31 16:39 150528 —-a-w- c:\windows\SysWow64\iexpress.exe
2011-12-31 16:39 . 2011-12-31 16:39 142848 —-a-w- c:\windows\SysWow64\ieUnatt.exe
2011-12-31 16:39 . 2011-12-31 16:39 135168 —-a-w- c:\windows\system32\IEAdvpack.dll
2011-12-31 16:39 . 2011-12-31 16:39 12288 —-a-w- c:\windows\system32\mshta.exe
2011-12-31 16:39 . 2011-12-31 16:39 11776 —-a-w- c:\windows\SysWow64\mshta.exe
2011-12-31 16:39 . 2011-12-31 16:39 114176 —-a-w- c:\windows\system32\admparse.dll
2011-12-31 16:39 . 2011-12-31 16:39 111616 —-a-w- c:\windows\system32\iesysprep.dll
2011-12-31 16:39 . 2011-12-31 16:39 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-12-31 16:39 . 2011-12-31 16:39 101888 —-a-w- c:\windows\SysWow64\admparse.dll
2011-12-31 15:59 . 2011-12-31 15:59 419840 —-a-w- c:\windows\system32\wrap_oal.dll
2011-12-31 15:59 . 2011-12-31 15:59 413696 —-a-w- c:\windows\SysWow64\wrap_oal.dll
2011-12-31 15:59 . 2011-12-31 15:59 133632 —-a-w- c:\windows\system32\OpenAL32.dll
2011-12-31 15:59 . 2011-12-31 15:59 110592 —-a-w- c:\windows\SysWow64\OpenAL32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-04_22.27.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-31 16:20 . 2012-03-06 15:04 46158 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-06 15:04 32520 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-12-31 16:00 . 2012-03-04 20:46 5808 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1109764070-618117929-3508857997-1001_UserData.bin
+ 2011-12-31 16:00 . 2012-03-06 15:04 5808 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1109764070-618117929-3508857997-1001_UserData.bin
- 2012-03-04 20:45 . 2012-03-04 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-06 15:02 . 2012-03-06 15:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-04 20:45 . 2012-03-04 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-06 15:02 . 2012-03-06 15:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 09:16 . 2012-03-06 15:08 708176 c:\windows\system32\perfh013.dat
- 2009-07-14 09:16 . 2012-03-04 20:52 708176 c:\windows\system32\perfh013.dat
+ 2009-07-14 02:36 . 2012-03-06 15:08 621352 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-04 20:52 621352 c:\windows\system32\perfh009.dat
+ 2009-07-14 09:16 . 2012-03-06 15:08 136066 c:\windows\system32\perfc013.dat
- 2009-07-14 09:16 . 2012-03-04 20:52 136066 c:\windows\system32\perfc013.dat
+ 2009-07-14 02:36 . 2012-03-06 15:08 108572 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-03-04 20:52 108572 c:\windows\system32\perfc009.dat
+ 2009-07-14 04:46 . 2012-03-05 16:55 107952 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 05:01 . 2012-03-04 20:44 392092 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-06 09:11 392092 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-31 17:57 . 2012-03-06 09:11 32119890 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1109764070-618117929-3508857997-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-29 14:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-29 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-31 39408]
"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-03-02 8557464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-11-13 5075776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"anysee CNO"="c:\program files (x86)\anysee\Driver\CNO.EXE" [2010-12-08 1273856]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-05-19 234792]
.
c:\users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SABnzbd.lnk - c:\program files (x86)\SABnzbd\SABnzbd.exe [2011-12-9 350208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-31 79360]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vpcuxd;Stubservice voor USB-virtualisatie;c:\windows\system32\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);c:\windows\system32\DRIVERS\tdrpm255.sys [x]
S1 AMTBDA_P861F;anysee Capture Service;c:\windows\system32\DRIVERS\anyseeTU.SYS [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/02/20 20:55];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-05-20 14:31 148976]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-01 2475952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-05-19 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-05-12 70952]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-05-12 312616]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-05-19 75248]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06]
.
2012-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 16:06]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"Acronis Scheduler2Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-11-13 357304]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.symbaloo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Geselecteerde koppelingen converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Selectie converteren naar Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Selectie converteren naar bestaande PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.178.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.032"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.abr"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ani"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.arw"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bay"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bmp"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bw"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cr2"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.crw"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cs1"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cur"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcr"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcx"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dib"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djv"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djvu"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dng"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.emf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.eps"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.erf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fff"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fpx"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.gif"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.hdr"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icl"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icn"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iff"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ilbm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.int"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.inta"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iw4"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2c"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2k"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jbr"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jfif"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jif"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jp2"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpc"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpe"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpeg"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpg"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpk"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpx"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.kdc"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.lbm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mef"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mos"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mrw"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.nef"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.orf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbr"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcd"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pct"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcx"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pef"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pgm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pic"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pict"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pix"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.png"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ppm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psd"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psp"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspbrush"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspimage"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ras"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raw"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgb"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgba"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rle"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rsb"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sgi"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sr2"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.srf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tga"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.thm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tif"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tiff"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttc"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbmp"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wmf"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xbm"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xif"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"
.
[HKEY_USERS\S-1-5-21-1109764070-618117929-3508857997-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-03-06 16:34:55
ComboFix-quarantined-files.txt 2012-03-06 15:34
ComboFix2.txt 2012-03-04 22:33
ComboFix3.txt 2012-03-04 22:28
.
Pre-Run: 77.815.324.672 bytes beschikbaar
Post-Run: 78.439.641.088 bytes beschikbaar
.
- - End Of File - - 39891E75B8F1BA6873B258A1EB84CF67

Hi, we are going to use OTL to remove the last remaining AVG settings.
As for the rest: you have removed AVG neatly.
I therefore recommend that you install AVAST 7 Free after the OTL scan!
I also suspect that you download quite a lot of music and videos via SABnzbd.
This turns out not to be without risk.
I advise you to create a dedicated download folder for those SABnzbd downloads and, once the downloads are in it, to scan the folder with the antivirus and with MBAM.
And then make sure that the infected files that are found really are removed!
Because those infections have created several obscure ADSL streams in the NTFS file system!
I hope you follow my advice, because the nasty ZeroAccess is lurking along the same route!
Before you let OTL run the fix, first close all other open windows!
Start OTL
- Paste the following (bold, blue text) under -

Do the following: the ESET online scan (click).
- Click the "ESET Online Scanner" button
- Tick "YES, I accept the Terms of Use"
- Click "Start"
- Allow the ActiveX control to install.
- Tick the following options:
  - Remove found threats
  - Scan archives
- Then click