Choppy Flash and 100% CPU after startup

39 answers
  • Dear ladies and gentlemen,

    On the following PC (my mother's):

    AMD Sempron 3000+
    1GB RAM
    ASUS K8V SE Deluxe
    Ati Radeon X800
    Windows XP Pro SP3

    I have the following 2 problems that I just cannot solve:

    1. After startup the PC runs at 100% CPU usage for about 5 minutes, caused by svchost.exe. At first I suspected the virus scanner (NOD32), but after removing it the problem is still there. MBAM reports nothing new.

    2. For quite some time now, Flash videos on various websites have been terribly slow/choppy/blocky. I have already experimented with different versions of Flash and with turning hardware acceleration on and off, without result. In FF as well as in IE and in Chrome.

    Who knows what to do?
  • Was your antivirus purchased, or activated with a Fix?

    Please post the three logs all at once.

    Step •1•
    Which program: AdwCleaner
    What for/why: Scanner to clean up Windows and rid it of malicious toolbars.
    Difficulty: None.
    Download location: Be sure to download this program to the desktop, or else move it there!
    Download: AdwCleaner by Xplode.

    Notes:
    - All open programs and web pages must be closed.
    - It is normal for the shortcuts to disappear from the desktop after AdwCleaner starts.
    Starting AdwCleaner:
    - Windows 2000 and Windows XP: double-click adwcleaner.exe.
    - Windows Vista, Windows 7 and Windows 8: right-click adwcleaner.exe and choose "Run as administrator".
    Once AdwCleaner has started:
    - Click the Delete button
    - At AdwCleaner – Closing programs, click OK
    - At AdwCleaner – Restart required, click OK
    AdwCleaner log file:
    - After the PC has restarted, a log file opens.
    - Then post the contents of this log in your next message.

    Step •2•
    Which program: Junkware Removal Tool by Thisisu
    What for/why: Scanner to rid Windows of, among other things, malicious toolbars.
    Difficulty: None.
    Download location: Be sure to download this program to the desktop, or else move it there!
    Download: JRT.exe.
    Notes:
    - All open programs and web pages must be closed.
    - It is advisable to disable the active security software, so that possible conflicts with JRT.exe are ruled out.
    - Here and here you can find details on how to disable antivirus programs and spyware scanners.
    - It is normal for the shortcuts to disappear from the desktop temporarily during the JRT.exe scan.
    Starting Junkware Removal Tool by Thisisu:
    - Windows 2000 and Windows XP: double-click JRT.exe.
    - Windows Vista, Windows 7 and Windows 8: right-click JRT.exe and choose "Run as administrator".
    - JRT.exe will then start scanning Windows.
    - Depending on the system specifications this scan can sometimes take quite long, so be patient.
    - When the scan is complete, a log (JRT.txt) will be saved on the desktop and opened automatically.
    - Post the contents of this log in your next message.

    Step •3•
    Which program: Malwarebytes MBAM
    What for/why: free specialised on-demand scanner to quickly check Windows for spyware and malware and remove it.
    Difficulty: none.
    Download: Malwarebytes MBAM

    First of all:
    - Right after installation 'MBAM' will want to update its database, so allow this.
    - On repeated use too: first update Malwarebytes MBAM via the 'Update' tab!
    Starting Malwarebytes MBAM:
    - First close all program windows that are still open!
    - Windows 2000 and Windows XP: double-click the MBAM shortcut.
    - Windows Vista, Windows 7 and Windows 8: right-click the MBAM shortcut and then choose Run as administrator.
    Note:
    - Malwarebytes MBAM now provides the full version of MBAM.
    - On first start you get the option to temporarily use the free trial version of Malwarebytes AntiMalware.
    - Regardless of which antivirus program is in your Windows, I advise going for the free version and therefore removing the check mark at the trial version.
    - That way Malwarebytes MBAM can continue to be used as the free version.

    Also do the following:
    - As soon as the program has started, go to the "Settings" tab.
    - Tick here: "Close Internet Explorer during malware removal".

    Scanning:
    - When starting Malwarebytes MBAM, choose 'Quick Scan'.
    - Scanning can take a while, so be patient. When the scan is complete, click the 'OK' button.
    - Then click the 'Show Results' button to see the results.
    Infections found:
    - First click OK to dismiss the message
    - Then click the Show results button at the bottom right.
    - Now make sure that all infections found are ticked, and click Remove Selected at the bottom left.
    - After removal a log will open and you will be asked to restart the computer.
    - If 'MBAM' has trouble removing certain files it will show a few messages; click 'OK' each time!
    - After that Malwarebytes MBAM will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
    - The log is saved automatically by Malwarebytes MBAM and you can find it by clicking the 'Logs' tab in the main menu of Malwarebytes MBAM.
    Then post the contents of the MBAM log in your next message.
  • Thanks for your reply! I don't live with my mother, so I couldn't manage it sooner…

    AdwCleaner:
    [code:1:9bf6478a61]# AdwCleaner v2.306 - Verslag gemaakt op 13/08/2013 om 17:42:33
    # Geactualiseerd op 19/07/2013 door Xplode
    # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
    # Gebruiker :
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Documents and Settings\\Bureaublad\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    File Verwijderd : C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\searchplugins\Askcom.xml
    Map Verwijderd : C:\Documents and Settings\All Users\Application Data\Ask

    ***** [Register] *****

    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
    Sleutel Verwijderd : HKLM\Software\TENCENT
    Waarde Verwijderd : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

    ***** [Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v22.0 (nl)

    File : C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\prefs.js

    Verwijderd : user_pref("browser.search.order.1", "Ask.com");

    -\\ Google Chrome v28.0.1500.95

    File : C:\Documents and Settings\\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[R1].txt - [2008 octets] - [13/08/2013 17:42:11]
    AdwCleaner[S1].txt - [1964 octets] - [13/08/2013 17:42:33]

    ########## EOF - C:\AdwCleaner[S1].txt - [2024 octets] ##########
    [/code:1:9bf6478a61]

    JRT:
    [code:1:9bf6478a61]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.4.4 (08.12.2013:1)
    OS: Microsoft Windows XP x86
    Ran by on di 13-08-2013 at 17:47:46,76
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FA2BD296-1BE4-46E3-89A5-2F7B83324C74}



    ~~~ Files



    ~~~ Folders



    ~~~ Chrome

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on di 13-08-2013 at 17:52:13,40
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    [/code:1:9bf6478a61]

    MBAM:
    [code:1:9bf6478a61]Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2013.08.12.02

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    [administrator]

    13-8-2013 17:52:59
    MBAM-log-2013-08-13 (17-59-02).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 227084
    Verstreken tijd: 5 minuut/minuten, 23 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 2
    HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Geen actie ondernomen.
    HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Geen actie ondernomen.

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
    [/code:1:9bf6478a61]

    Edit: checked after a reboot: still 100% CPU for a few minutes…
  • Then do the following now:

    Which program: RogueKiller
    What for/why: free specialised scanner to scan running processes and to be able to disable malware processes.
    Difficulty: none.
    Download: RogueKiller 32 bit (x86) or RogueKiller 64 bit (x64)
    Starting RogueKiller:
    - First close all program windows that are still open!
    - Windows 2000 and Windows XP: double-click RogueKiller.exe.
    - Windows Vista, Windows 7 and Windows 8: right-click RogueKiller.exe and then choose Run as administrator.
    Scanning:
    - Before RogueKiller starts scanning, first close all other open windows!
    - After starting, RogueKiller immediately begins a pre-scan, so wait until the scan is finished.
    - Note: enable the following options in RogueKiller:
      - MBR Scan
      - Check Faked
      - Anti-Rootkit
    - Then click the Scan button
    - Wait until the scan has finished.
    - A log is created and placed on the desktop.
    What next:
    - Do nothing further for now, but first post the contents of that log in your next message and close RogueKiller.
  • Log:

    [code:1:2583c74ec1]RogueKiller V8.6.5 [Aug 5 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    besturingssysteem : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Gestart vanuit : Normale modus
    Gebruiker : Rikie [Administrator rechten]
    Modus : Scan – Datum : 08/14/2013 14:39:32
    | ARK || FAK || MBR |

    ¤¤¤ Kwaadaardige processen : 0 ¤¤¤

    ¤¤¤ Register verwijzingen : 7 ¤¤¤
    [HJ POL] HKCU\[…]\System : DisableTaskMgr (0) -> gevonden
    [HJ POL] HKCU\[…]\System : DisableRegistryTools (0) -> gevonden
    [HJ SECU] HKLM\[…]\Security Center : AntiVirusDisableNotify (1) -> gevonden
    [HJ SECU] HKLM\[…]\Security Center : UpdatesDisableNotify (1) -> gevonden
    [HJ SMENU] HKCU\[…]\Advanced : Start_ShowRecentDocs (0) -> gevonden
    [HJ SMENU] HKCU\[…]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> gevonden
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden

    ¤¤¤ geplande taken : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ webbrowsers : 0 ¤¤¤

    ¤¤¤ Speciale Files / Folders: ¤¤¤

    ¤¤¤ Driver : [Geladen] ¤¤¤

    ¤¤¤ Externe Hives: ¤¤¤

    ¤¤¤ Infectie : ¤¤¤

    ¤¤¤ HOSTS Bestand: ¤¤¤
    –> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Controle: ¤¤¤

    +++++ PhysicalDrive0: HDS728080PLAT20 +++++
    — User —
    [MBR] c34d3e47d21041e057960e0f97f58f5f
    [BSP] 860f41f9c704aff60a781fa0af1b6f86 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78530 Mo
    User = LL1 … OK!
    User = LL2 … OK!

    +++++ PhysicalDrive1: HDS728080PLAT20 +++++
    — User —
    [MBR] cb32521b5d688e4edaa2a44592b92b6a
    [BSP] 6d66002a8d6974c383976245bbe2ae3a : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 122879 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 251658225 | Size: 182362 Mo
    User = LL1 … OK!
    Error reading LL2 MBR!

    Gereed : << RKreport[0]_S_08142013_143932.txt >>




    [/code:1:2583c74ec1]
  • Is the HD - PhysicalDrive1: HDS728080PLAT20 - connected externally?
  • No, it is an internal data disk, PATA I believe. Why?

    Edit: I stand corrected. Number 1 is a SATA disk from Samsung, 2 partitions of which 1 Windows and 1 data. I got confused by the name (HDS) because the other one is an 80Gb PATA Hitachi (hence HDS)
  • Okay.

    Starting RogueKiller:
    - First close all program windows that are still open!
    - Windows 2000 and Windows XP: double-click RogueKiller.exe.
    - Windows Vista, Windows 7 and Windows 8: right-click RogueKiller.exe and then choose Run as administrator.
    Scanning:
    - Before RogueKiller starts scanning, first close all other open windows!
    - After starting, RogueKiller immediately begins a pre-scan, so wait until the scan is finished.
    - Note: enable the following options in RogueKiller:
      - MBR Scan
      - Check Faked
      - Anti-Rootkit
    - Then click the Scan button
    - Wait until the scan has finished.
    - Now make sure that the check mark remains only on the lines listed below.
    [code:1:9b525e3e43]¤¤¤ Register verwijzingen : 7 ¤¤¤
    [HJ POL] HKCU\[…]\System : DisableTaskMgr (0) -> gevonden
    [HJ POL] HKCU\[…]\System : DisableRegistryTools (0) -> gevonden
    [HJ SECU] HKLM\[…]\Security Center : AntiVirusDisableNotify (1) -> gevonden
    [HJ SECU] HKLM\[…]\Security Center : UpdatesDisableNotify (1) -> gevonden
    [HJ SMENU] HKCU\[…]\Advanced : Start_ShowRecentDocs (0) -> gevonden
    [HJ SMENU] HKCU\[…]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> gevonden
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden [/code:1:9b525e3e43]
    - Then click the Delete button to let RogueKiller carry out repairs and removals.
    - A new log will be created on the desktop - RKreport (Mode: Delete) - post its contents in your next message.
    - Important: because the Windows registry has been modified, now restart the PC first.
  • Done, no difference.
    Log:

    [code:1:cd675ea10c]RogueKiller V8.6.5 [Aug 5 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    besturingssysteem : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Gestart vanuit : Normale modus
    Gebruiker : Rikie [Administrator rechten]
    Modus : Verwijder – Datum : 08/15/2013 10:50:48
    | ARK || FAK || MBR |

    ¤¤¤ Kwaadaardige processen : 0 ¤¤¤

    ¤¤¤ Register verwijzingen : 7 ¤¤¤
    [HJ POL] HKCU\[…]\System : DisableTaskMgr (0) -> Verwijderd
    [HJ POL] HKCU\[…]\System : DisableRegistryTools (0) -> Verwijderd
    [HJ SECU] HKLM\[…]\Security Center : AntiVirusDisableNotify (1) -> VERVANGEN (0)
    [HJ SECU] HKLM\[…]\Security Center : UpdatesDisableNotify (1) -> VERVANGEN (0)
    [HJ SMENU] HKCU\[…]\Advanced : Start_ShowRecentDocs (0) -> VERVANGEN (1)
    [HJ SMENU] HKCU\[…]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> VERVANGEN (1)
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> VERVANGEN (0)

    ¤¤¤ geplande taken : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ webbrowsers : 0 ¤¤¤

    ¤¤¤ Speciale Files / Folders: ¤¤¤

    ¤¤¤ Driver : [Geladen] ¤¤¤

    ¤¤¤ Externe Hives: ¤¤¤

    ¤¤¤ Infectie : ¤¤¤

    ¤¤¤ HOSTS Bestand: ¤¤¤
    –> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Controle: ¤¤¤

    +++++ PhysicalDrive0: HDS728080PLAT20 +++++
    — User —
    [MBR] c34d3e47d21041e057960e0f97f58f5f
    [BSP] 860f41f9c704aff60a781fa0af1b6f86 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78530 Mo
    User = LL1 … OK!
    User = LL2 … OK!

    +++++ PhysicalDrive1: HDS728080PLAT20 +++++
    — User —
    [MBR] cb32521b5d688e4edaa2a44592b92b6a
    [BSP] 6d66002a8d6974c383976245bbe2ae3a : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 122879 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 251658225 | Size: 182362 Mo
    User = LL1 … OK!
    Error reading LL2 MBR!

    Gereed : << RKreport[0]_D_08152013_105048.txt >>
    RKreport[0]_S_08142013_143932.txt;RKreport[0]_S_08152013_104731.txt



    [/code:1:cd675ea10c]
  • Download Security Check
    Download location: Be sure to download this program to the desktop, or otherwise move it to the desktop!
    Starting TFC:
    - Windows 2000 and Windows XP: double-click TFC.exe.
    - Windows Vista, Windows 7 and Windows 8: right-click TFC.exe and choose "Run as administrator".
    - Pay attention to the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow this.
    Post the contents of checkup.txt in your next post.
  • Thanks so far, once again a log:

    Results of screen317's Security Check version 0.99.72
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Java(TM) 6 Update 26
    Java 7 Update 21
    Java version out of Date!
    Adobe Flash Player 11.8.800.94
    Adobe Reader XI
    Mozilla Firefox 22.0 Firefox out of Date!
    Google Chrome 28.0.1500.95
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C::
    ````````````````````End of Log``````````````````````
  • I have edited your reply by removing the code tags.
    So do not put logs in code tags any more, because then all the formatting codes end up in them as well, and that makes reading them awfully difficult.

    Now first do the following: uninstall Java 7 Update 21.
    To keep Windows secure, always use the latest and newest version of Java and make sure that no older versions are present.
    These contain security holes that malware exploits!

    Firefox 23 is out.

    Click the orange button, or otherwise click Tools in the menu, then Help, and finally click "About Firefox".
    The "Update button" will presumably already be active then.
    Follow the further instructions.

    And then a question: in Windows you have the current Adobe Flash Player; have you also installed it separately in Firefox?
    Because I suspect that Firefox is also your favourite?
  • Both Java and FF should update automagically, but I have now done it manually.

    I am indeed a Firefox user. In Firefox I have also installed the Flash player, 11.8. What is strange is that I install the one from Adobe, but Shockwave Flash then shows up in the add-on list?

    See also:

    [img]http://s18.postimg.org/5gt1xus45/Clipboard01.jpg[/img]

    After a reboot still 100% CPU for a few minutes, by the way…
  • This is the Windows forum and not Security.
    Read the following carefully:

    Download TDSSKiller and place it on your desktop.
    - Before you run TDSSKiller it is advisable to consult the TDSSKiller manual below.
      - Click here for the Kaspersky TDSSKiller manual
    - Double-click TDSSKiller.exe to start the tool. (If you downloaded TDSSKiller as a ZIP file, you need to unpack it first.)
    - If TDSSKiller finds an update, click the "Load update" button
      [img]http://www.imgdumper.nl/uploads6/506422ecca8b3/506422ecc81a0-TDSSkiller%28update%29.jpg[/img]
    - A new version of TDSSKiller will now be downloaded; save it to the desktop.
    - Now start TDSSKiller again.
    - Click "Change parameters" and make sure the options below are all ticked.
      [img]http://www.imgdumper.nl/uploads6/5064230056569/506423005368c-TDSSkiller%28opties%29.jpg[/img]
    - Click the "Start Scan" button and follow the instructions.
      - Never use the "Delete" option on a "Fail signature" message.
    - When the scan is finished, click the "Report" button.
    - Select the contents (log) and post them in your next message.
    - After the computer restarts, in most cases you will see an empty desktop with a command prompt window and a security warning asking whether to run a file, as you can see in the image below.
      Always allow this by letting the Kaspersky file run; never cancel this, since TDSSKiller then cannot fully do its job.
      [img]http://www.imgdumper.nl/uploads6/506423d393b7c/506423d38e588-TDSSkiller%28reboot%29.jpg[/img]
    - If a restart was needed, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

    - Nota bene: skip the unsigned files; those are files that TDSSKiller lists because they do not contain a digital signature!
  • Carried out as explained, log:

    15:40:55.0609 1924 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    15:40:55.0875 1924 ============================================================
    15:40:55.0875 1924 Current date / time: 2013/08/17 15:40:55.0875
    15:40:55.0875 1924 SystemInfo:
    15:40:55.0875 1924
    15:40:55.0875 1924 OS Version: 5.1.2600 ServicePack: 3.0
    15:40:55.0875 1924 Product type: Workstation
    15:40:55.0875 1924 ComputerName: PCBENEDEN
    15:40:56.0093 1924 UserName: Rikie
    15:40:56.0093 1924 Windows directory: C:\WINDOWS
    15:40:56.0093 1924 System windows directory: C:\WINDOWS
    15:40:56.0093 1924 Processor architecture: Intel x86
    15:40:56.0093 1924 Number of processors: 1
    15:40:56.0093 1924 Page size: 0x1000
    15:40:56.0093 1924 Boot type: Normal boot
    15:40:56.0109 1924 ============================================================
    15:40:56.0671 1924 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
    15:40:56.0671 1924 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x298D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
    15:40:56.0718 1924 ============================================================
    15:40:56.0718 1924 \Device\Harddisk1\DR1:
    15:40:56.0718 1924 MBR partitions:
    15:40:56.0718 1924 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xEFFFFB2
    15:40:56.0718 1924 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xEFFFFF1, BlocksNum 0x1642D6D0
    15:40:56.0718 1924 \Device\Harddisk0\DR0:
    15:40:56.0718 1924 MBR partitions:
    15:40:56.0718 1924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9961791
    15:40:56.0718 1924 ============================================================
    15:40:56.0734 1924 C: <-> \Device\Harddisk1\DR1\Partition1
    15:40:56.0765 1924 D: <-> \Device\Harddisk0\DR0\Partition1
    15:40:56.0796 1924 E: <-> \Device\Harddisk1\DR1\Partition2
    15:40:56.0796 1924 ============================================================
    15:40:56.0796 1924 Initialize success
    15:40:56.0796 1924 ============================================================
    15:41:01.0890 2492 ============================================================
    15:41:01.0890 2492 Scan started
    15:41:01.0890 2492 Mode: Manual; SigCheck; TDLFS;
    15:41:01.0890 2492 ============================================================
    15:41:02.0031 2492 ================ Scan system memory ========================
    15:41:02.0031 2492 System memory - ok
    15:41:02.0031 2492 ================ Scan services =============================
    15:41:02.0171 2492 Abiosdsk - ok
    15:41:02.0187 2492 abp480n5 - ok
    15:41:02.0234 2492 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
    15:41:03.0109 2492 ACPI - ok
    15:41:03.0187 2492 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
    15:41:03.0328 2492 ACPIEC - ok
    15:41:03.0343 2492 adpu160m - ok
    15:41:03.0390 2492 [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
    15:41:03.0421 2492 aeaudio - ok
    15:41:03.0453 2492 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
    15:41:03.0609 2492 aec - ok
    15:41:03.0656 2492 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
    15:41:03.0687 2492 AFD - ok
    15:41:03.0687 2492 Aha154x - ok
    15:41:03.0703 2492 aic78u2 - ok
    15:41:03.0734 2492 aic78xx - ok
    15:41:03.0765 2492 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll
    15:41:03.0921 2492 Alerter - ok
    15:41:03.0937 2492 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe
    15:41:04.0000 2492 ALG - ok
    15:41:04.0015 2492 AliIde - ok
    15:41:04.0046 2492 [ E33852324DA1978A10FD569B5A340E9B ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
    15:41:04.0078 2492 AmdK8 - ok
    15:41:04.0093 2492 amsint - ok
    15:41:04.0140 2492 [ 434A70FA278EB3C42140E3755C2FA4F8 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
    15:41:04.0203 2492 AppMgmt - ok
    15:41:04.0218 2492 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
    15:41:04.0375 2492 Arp1394 - ok
    15:41:04.0375 2492 asc - ok
    15:41:04.0390 2492 asc3350p - ok
    15:41:04.0406 2492 asc3550 - ok
    15:41:04.0546 2492 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    15:41:04.0578 2492 aspnet_state - ok
    15:41:04.0578 2492 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    15:41:04.0750 2492 AsyncMac - ok
    15:41:04.0796 2492 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
    15:41:04.0984 2492 atapi - ok
    15:41:05.0000 2492 Atdisk - ok
    15:41:05.0078 2492 [ 471087B5E1E01CC82604E81EA14781D8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
    15:41:05.0109 2492 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
    15:41:05.0109 2492 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
    15:41:05.0171 2492 [ B979BA0120B6DB757196A8E2E873FE3C ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
    15:41:05.0203 2492 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
    15:41:05.0203 2492 ATI Smart - detected UnsignedFile.Multi.Generic (1)
    15:41:05.0343 2492 [ C0B86ECB324E50F6BBD529F9D5C6B24B ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    15:41:05.0484 2492 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
    15:41:05.0484 2492 ati2mtag - detected UnsignedFile.Multi.Generic (1)
    15:41:05.0546 2492 [ 0E4BB35C5305099AC82053AC992E3E0E ] ATITool C:\WINDOWS\system32\DRIVERS\ATITool.sys
    15:41:05.0562 2492 ATITool ( UnsignedFile.Multi.Generic ) - warning
    15:41:05.0562 2492 ATITool - detected UnsignedFile.Multi.Generic (1)
    15:41:05.0578 2492 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    15:41:05.0750 2492 Atmarpc - ok
    15:41:05.0781 2492 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
    15:41:05.0968 2492 AudioSrv - ok
    15:41:06.0046 2492 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
    15:41:06.0218 2492 audstub - ok
    15:41:06.0296 2492 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
    15:41:06.0484 2492 Beep - ok
    15:41:06.0531 2492 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll
    15:41:06.0734 2492 BITS - ok
    15:41:06.0765 2492 [ D3FACB34FFF5DB91ADB70987838F8BA7 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe
    15:41:06.0796 2492 Brother XP spl Service - ok
    15:41:06.0828 2492 [ 69EAA7501F53A40E8C04C69F2391224F ] Browser C:\WINDOWS\System32\browser.dll
    15:41:07.0015 2492 Browser - ok
    15:41:07.0062 2492 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\Drivers\BrScnUsb.sys
    15:41:07.0078 2492 BrScnUsb - ok
    15:41:07.0093 2492 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
    15:41:07.0296 2492 cbidf2k - ok
    15:41:07.0312 2492 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    15:41:07.0500 2492 CCDECODE - ok
    15:41:07.0515 2492 cd20xrnt - ok
    15:41:07.0531 2492 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
    15:41:07.0734 2492 Cdaudio - ok
    15:41:07.0781 2492 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
    15:41:07.0953 2492 Cdfs - ok
    15:41:07.0968 2492 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
    15:41:08.0156 2492 Cdrom - ok
    15:41:08.0171 2492 Changer - ok
    15:41:08.0203 2492 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe
    15:41:08.0406 2492 CiSvc - ok
    15:41:08.0406 2492 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
    15:41:08.0593 2492 ClipSrv - ok
    15:41:08.0671 2492 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    15:41:08.0703 2492 clr_optimization_v2.0.50727_32 - ok
    15:41:08.0750 2492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    15:41:08.0796 2492 clr_optimization_v4.0.30319_32 - ok
    15:41:08.0812 2492 CmdIde - ok
    15:41:08.0828 2492 COMSysApp - ok
    15:41:08.0859 2492 Cpqarray - ok
    15:41:08.0890 2492 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
    15:41:09.0078 2492 CryptSvc - ok
    15:41:09.0093 2492 dac2w2k - ok
    15:41:09.0109 2492 dac960nt - ok
    15:41:09.0187 2492 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
    15:41:09.0250 2492 DcomLaunch - ok
    15:41:09.0281 2492 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
    15:41:09.0453 2492 Dhcp - ok
    15:41:09.0468 2492 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
    15:41:09.0656 2492 Disk - ok
    15:41:09.0671 2492 dmadmin - ok
    15:41:09.0703 2492 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
    15:41:09.0906 2492 dmboot - ok
    15:41:09.0921 2492 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
    15:41:10.0109 2492 dmio - ok
    15:41:10.0171 2492 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
    15:41:10.0343 2492 dmload - ok
    15:41:10.0359 2492 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll
    15:41:10.0546 2492 dmserver - ok
    15:41:10.0625 2492 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
    15:41:10.0796 2492 DMusic - ok
    15:41:10.0875 2492 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
    15:41:10.0906 2492 Dnscache - ok
    15:41:10.0937 2492 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
    15:41:11.0109 2492 Dot3svc - ok
    15:41:11.0125 2492 dpti2o - ok
    15:41:11.0140 2492 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
    15:41:11.0328 2492 drmkaud - ok
    15:41:11.0359 2492 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll
    15:41:11.0546 2492 EapHost - ok
    15:41:11.0562 2492 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll
    15:41:11.0734 2492 ERSvc - ok
    15:41:11.0765 2492 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe
    15:41:11.0781 2492 Eventlog - ok
    15:41:11.0828 2492 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll
    15:41:11.0875 2492 EventSystem - ok
    15:41:11.0906 2492 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
    15:41:12.0093 2492 Fastfat - ok
    15:41:12.0125 2492 [ CFB406497D9CF95DFFE17594899FD367 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
    15:41:12.0296 2492 FastUserSwitchingCompatibility - ok
    15:41:12.0328 2492 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
    15:41:12.0500 2492 Fdc - ok
    15:41:12.0531 2492 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
    15:41:12.0703 2492 Fips - ok
    15:41:12.0734 2492 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    15:41:12.0906 2492 Flpydisk - ok
    15:41:12.0968 2492 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
    15:41:13.0140 2492 FltMgr - ok
    15:41:13.0203 2492 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    15:41:13.0218 2492 FontCache3.0.0.0 - ok
    15:41:13.0250 2492 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
    15:41:13.0406 2492 Fs_Rec - ok
    15:41:13.0421 2492 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    15:41:13.0625 2492 Ftdisk - ok
    15:41:13.0671 2492 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
    15:41:13.0859 2492 gagp30kx - ok
    15:41:13.0906 2492 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
    15:41:14.0062 2492 Gpc - ok
    15:41:14.0171 2492 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    15:41:14.0187 2492 gupdate - ok
    15:41:14.0203 2492 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    15:41:14.0218 2492 gupdatem - ok
    15:41:14.0281 2492 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    15:41:14.0453 2492 helpsvc - ok
    15:41:14.0546 2492 [ 10003105AAB8D5A7DB51A9CB3D9F55A3 ] HidServ C:\WINDOWS\System32\hidserv.dll
    15:41:14.0718 2492 HidServ - ok
    15:41:14.0781 2492 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
    15:41:14.0968 2492 hidusb - ok
    15:41:15.0000 2492 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
    15:41:15.0171 2492 hkmsvc - ok
    15:41:15.0203 2492 hpn - ok
    15:41:15.0296 2492 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
    15:41:15.0328 2492 HTCAND32 - ok
    15:41:15.0359 2492 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
    15:41:15.0390 2492 htcnprot - ok
    15:41:15.0437 2492 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
    15:41:15.0625 2492 HTTP - ok
    15:41:15.0656 2492 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
    15:41:15.0812 2492 HTTPFilter - ok
    15:41:15.0828 2492 i2omgmt - ok
    15:41:15.0843 2492 i2omp - ok
    15:41:15.0875 2492 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    15:41:16.0062 2492 i8042prt - ok
    15:41:16.0109 2492 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    15:41:16.0171 2492 idsvc - ok
    15:41:16.0203 2492 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
    15:41:16.0375 2492 Imapi - ok
    15:41:16.0390 2492 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe
    15:41:16.0562 2492 ImapiService - ok
    15:41:16.0578 2492 ini910u - ok
    15:41:16.0609 2492 IntelIde - ok
    15:41:16.0625 2492 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
    15:41:16.0796 2492 Ip6Fw - ok
    15:41:16.0843 2492 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    15:41:17.0015 2492 IpFilterDriver - ok
    15:41:17.0031 2492 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
    15:41:17.0218 2492 IpInIp - ok
    15:41:17.0250 2492 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
    15:41:17.0421 2492 IpNat - ok
    15:41:17.0437 2492 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
    15:41:17.0609 2492 IPSec - ok
    15:41:17.0687 2492 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
    15:41:17.0750 2492 IRENUM - ok
    15:41:17.0796 2492 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
    15:41:17.0968 2492 isapnp - ok
    15:41:17.0984 2492 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    15:41:18.0140 2492 Kbdclass - ok
    15:41:18.0156 2492 [ B833B70FE639F01FB36CEDABE57EF031 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    15:41:18.0312 2492 kbdhid - ok
    15:41:18.0359 2492 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
    15:41:18.0546 2492 kmixer - ok
    15:41:18.0562 2492 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
    15:41:18.0750 2492 KSecDD - ok
    15:41:18.0812 2492 [ 0F01B503DA9BFFE16D7BC2179A6C68ED ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
    15:41:18.0984 2492 LanmanServer - ok
    15:41:19.0062 2492 [ A936A575EAF6DCE8DC08BC0C53972ADD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
    15:41:19.0109 2492 lanmanworkstation - ok
    15:41:19.0109 2492 lbrtfdc - ok
    15:41:19.0171 2492 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    15:41:19.0187 2492 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
    15:41:19.0187 2492 LightScribeService - detected UnsignedFile.Multi.Generic (1)
    15:41:19.0218 2492 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
    15:41:19.0375 2492 LmHosts - ok
    15:41:19.0453 2492 [ DABCB3AD9B60BFDA876CB4F6081E822F ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    15:41:19.0484 2492 LMIGuardianSvc - ok
    15:41:19.0515 2492 [ 26E3BEC8F2F0CFAF9FFE4C7AEF1BC049 ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
    15:41:19.0546 2492 LMIInfo - ok
    15:41:19.0593 2492 [ AB73A7C8594ABE0A7418626F0E742F40 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
    15:41:19.0609 2492 LMIMaint - ok
    15:41:19.0625 2492 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
    15:41:19.0640 2492 lmimirr - ok
    15:41:19.0656 2492 LMIRfsClientNP - ok
    15:41:19.0687 2492 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
    15:41:19.0703 2492 LMIRfsDriver - ok
    15:41:19.0734 2492 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
    15:41:19.0750 2492 LogMeIn - ok
    15:41:19.0812 2492 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
    15:41:19.0843 2492 LVRS - ok
    15:41:19.0859 2492 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll
    15:41:20.0031 2492 Messenger - ok
    15:41:20.0125 2492 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
    15:41:20.0296 2492 mnmdd - ok
    15:41:20.0375 2492 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
    15:41:20.0546 2492 mnmsrvc - ok
    15:41:20.0562 2492 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys
    15:41:20.0734 2492 Modem - ok
    15:41:20.0781 2492 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
    15:41:20.0953 2492 Mouclass - ok
    15:41:21.0031 2492 [ 18017899254E01371E1A39754D6BF98C ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
    15:41:21.0171 2492 mouhid - ok
    15:41:21.0187 2492 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
    15:41:21.0375 2492 MountMgr - ok
    15:41:21.0421 2492 [ 7E9DB3CD9D7F7A0320B09990818D1BFD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    15:41:21.0437 2492 MozillaMaintenance - ok
    15:41:21.0453 2492 mraid35x - ok
    15:41:21.0468 2492 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    15:41:21.0656 2492 MRxDAV - ok
    15:41:21.0750 2492 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    15:41:21.0812 2492 MRxSmb - ok
    15:41:21.0843 2492 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe
    15:41:22.0015 2492 MSDTC - ok
    15:41:22.0031 2492 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
    15:41:22.0187 2492 Msfs - ok
    15:41:22.0203 2492 MSIServer - ok
    15:41:22.0234 2492 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
    15:41:22.0390 2492 MSKSSRV - ok
    15:41:22.0468 2492 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    15:41:22.0640 2492 MSPCLOCK - ok
    15:41:22.0656 2492 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
    15:41:22.0812 2492 MSPQM - ok
    15:41:22.0812 2492 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    15:41:22.0968 2492 mssmbios - ok
    15:41:23.0031 2492 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
    15:41:23.0171 2492 MSTEE - ok
    15:41:23.0218 2492 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
    15:41:23.0250 2492 Mup - ok
    15:41:23.0265 2492 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    15:41:23.0406 2492 NABTSFEC - ok
    15:41:23.0453 2492 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll
    15:41:23.0609 2492 napagent - ok
    15:41:23.0625 2492 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
    15:41:23.0781 2492 NDIS - ok
    15:41:23.0812 2492 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    15:41:23.0953 2492 NdisIP - ok
    15:41:23.0984 2492 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    15:41:24.0000 2492 NdisTapi - ok
    15:41:24.0046 2492 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    15:41:24.0187 2492 Ndisuio - ok
    15:41:24.0218 2492 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    15:41:24.0359 2492 NdisWan - ok
    15:41:24.0375 2492 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
    15:41:24.0421 2492 NDProxy - ok
    15:41:24.0500 2492 [ 27FE4B70C12A2C67A58D799B9A4E8D81 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    15:41:24.0562 2492 Nero BackItUp Scheduler 4.0 - ok
    15:41:24.0578 2492 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
    15:41:24.0734 2492 NetBIOS - ok
    15:41:24.0796 2492 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
    15:41:24.0937 2492 NetBT - ok
    15:41:24.0968 2492 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe
    15:41:25.0125 2492 NetDDE - ok
    15:41:25.0125 2492 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
    15:41:25.0281 2492 NetDDEdsdm - ok
    15:41:25.0312 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe
    15:41:25.0437 2492 Netlogon - ok
    15:41:25.0484 2492 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll
    15:41:25.0609 2492 Netman - ok
    15:41:25.0671 2492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    15:41:25.0687 2492 NetTcpPortSharing - ok
    15:41:25.0718 2492 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
    15:41:25.0859 2492 NIC1394 - ok
    15:41:25.0906 2492 [ 4522CBE00A9E9EEE36AA82ED4B319148 ] Nla C:\WINDOWS\System32\mswsock.dll
    15:41:25.0921 2492 Nla - ok
    15:41:25.0937 2492 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
    15:41:26.0093 2492 Npfs - ok
    15:41:26.0140 2492 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
    15:41:26.0296 2492 Ntfs - ok
    15:41:26.0312 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
    15:41:26.0453 2492 NtLmSsp - ok
    15:41:26.0500 2492 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
    15:41:26.0656 2492 NtmsSvc - ok
    15:41:26.0734 2492 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
    15:41:26.0875 2492 Null - ok
    15:41:26.0906 2492 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    15:41:27.0031 2492 NwlnkFlt - ok
    15:41:27.0078 2492 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    15:41:27.0203 2492 NwlnkFwd - ok
    15:41:27.0218 2492 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    15:41:27.0359 2492 ohci1394 - ok
    15:41:27.0421 2492 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    15:41:27.0437 2492 ose - ok
    15:41:27.0468 2492 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
    15:41:27.0609 2492 Parport - ok
    15:41:27.0625 2492 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
    15:41:27.0765 2492 PartMgr - ok
    15:41:27.0781 2492 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
    15:41:27.0921 2492 ParVdm - ok
    15:41:27.0968 2492 [ 5F731DD45D3B176C071E4CCEEB87B06B ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    15:41:27.0968 2492 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
    15:41:27.0968 2492 PassThru Service - detected UnsignedFile.Multi.Generic (1)
    15:41:28.0000 2492 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
    15:41:28.0125 2492 PCI - ok
    15:41:28.0140 2492 PCIDump - ok
    15:41:28.0156 2492 PCIIde - ok
    15:41:28.0187 2492 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
    15:41:28.0328 2492 Pcmcia - ok
    15:41:28.0343 2492 PDCOMP - ok
    15:41:28.0359 2492 PDFRAME - ok
    15:41:28.0375 2492 PDRELI - ok
    15:41:28.0390 2492 PDRFRAME - ok
    15:41:28.0484 2492 [ B20F958B207E6AAAC5F70D04DD2C30D8 ] pepifilter C:\WINDOWS\system32\DRIVERS\lv302af.sys
    15:41:28.0500 2492 pepifilter - ok
    15:41:28.0515 2492 perc2 - ok
    15:41:28.0531 2492 perc2hib - ok
    15:41:28.0671 2492 [ DD184D9ADFE2A8A21741DBDFE9E22F5C ] PID_PEPI C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
    15:41:28.0781 2492 PID_PEPI - ok
    15:41:28.0812 2492 [ 657B69389B893F440B07590C9E963F23 ] PlugPlay C:\WINDOWS\system32\services.exe
    15:41:28.0828 2492 PlugPlay - ok
    15:41:28.0843 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
    15:41:28.0984 2492 PolicyAgent - ok
    15:41:29.0062 2492 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
    15:41:29.0187 2492 PptpMiniport - ok
    15:41:29.0203 2492 [ 82A17ECA34D801590A67C0A2244965ED ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
    15:41:29.0343 2492 Processor - ok
    15:41:29.0343 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
    15:41:29.0484 2492 ProtectedStorage - ok
    15:41:29.0500 2492 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
    15:41:29.0625 2492 PSched - ok
    15:41:29.0640 2492 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
    15:41:29.0781 2492 Ptilink - ok
    15:41:29.0781 2492 ql1080 - ok
    15:41:29.0812 2492 Ql10wnt - ok
    15:41:29.0828 2492 ql12160 - ok
    15:41:29.0843 2492 ql1240 - ok
    15:41:29.0859 2492 ql1280 - ok
    15:41:29.0921 2492 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
    15:41:30.0031 2492 RasAcd - ok
    15:41:30.0062 2492 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll
    15:41:30.0203 2492 RasAuto - ok
    15:41:30.0234 2492 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    15:41:30.0359 2492 Rasl2tp - ok
    15:41:30.0390 2492 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll
    15:41:30.0531 2492 RasMan - ok
    15:41:30.0546 2492 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    15:41:30.0687 2492 RasPppoe - ok
    15:41:30.0703 2492 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
    15:41:30.0828 2492 Raspti - ok
    15:41:30.0859 2492 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
    15:41:30.0984 2492 Rdbss - ok
    15:41:31.0000 2492 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    15:41:31.0125 2492 RDPCDD - ok
    15:41:31.0171 2492 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    15:41:31.0312 2492 rdpdr - ok
    15:41:31.0343 2492 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
    15:41:31.0390 2492 RDPWD - ok
    15:41:31.0421 2492 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
    15:41:31.0546 2492 RDSessMgr - ok
    15:41:31.0609 2492 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
    15:41:31.0734 2492 redbook - ok
    15:41:31.0765 2492 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
    15:41:31.0875 2492 RemoteAccess - ok
    15:41:31.0921 2492 [ 2FD5B89BF9289C774C5C730DEA96CD91 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
    15:41:32.0046 2492 RemoteRegistry - ok
    15:41:32.0078 2492 [ BE078F8F7EC2491EFDD79A53353A060F ] RpcLocator C:\WINDOWS\system32\locator.exe
    15:41:32.0187 2492 RpcLocator - ok
    15:41:32.0234 2492 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
    15:41:32.0265 2492 RpcSs - ok
    15:41:32.0296 2492 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe
    15:41:32.0421 2492 RSVP - ok
    15:41:32.0453 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe
    15:41:32.0578 2492 SamSs - ok
    15:41:32.0593 2492 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
    15:41:32.0718 2492 SCardSvr - ok
    15:41:32.0781 2492 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll
    15:41:32.0921 2492 Schedule - ok
    15:41:32.0937 2492 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    15:41:33.0000 2492 Secdrv - ok
    15:41:33.0031 2492 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll
    15:41:33.0156 2492 seclogon - ok
    15:41:33.0234 2492 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll
    15:41:33.0375 2492 SENS - ok
    15:41:33.0406 2492 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
    15:41:33.0531 2492 serenum - ok
    15:41:33.0546 2492 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
    15:41:33.0671 2492 Serial - ok
    15:41:33.0734 2492 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    15:41:33.0859 2492 Sfloppy - ok
    15:41:33.0906 2492 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    15:41:34.0031 2492 SharedAccess - ok
    15:41:34.0062 2492 [ CFB406497D9CF95DFFE17594899FD367 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    15:41:34.0187 2492 ShellHWDetection - ok
    15:41:34.0203 2492 Simbad - ok
    15:41:34.0296 2492 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    15:41:34.0312 2492 SkypeUpdate - ok
    15:41:34.0343 2492 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
    15:41:34.0468 2492 SLIP - ok
    15:41:34.0562 2492 [ 1D381A07361E4D6A8BE95026B3EBA47A ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
    15:41:34.0593 2492 smwdm - ok
    15:41:34.0640 2492 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    15:41:34.0640 2492 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning
    15:41:34.0640 2492 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1)
    15:41:34.0671 2492 Sparrow - ok
    15:41:34.0687 2492 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    15:41:34.0812 2492 splitter - ok
    15:41:34.0843 2492 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    15:41:34.0859 2492 Spooler - ok
    15:41:34.0906 2492 [ 4F576E516CC76EC50A244586BCFA1C78 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
    15:41:34.0906 2492 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 4F576E516CC76EC50A244586BCFA1C78
    15:41:34.0921 2492 sptd ( LockedFile.Multi.Generic ) - warning
    15:41:34.0921 2492 sptd - detected LockedFile.Multi.Generic (1)
    15:41:34.0953 2492 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    15:41:35.0015 2492 sr - ok
    15:41:35.0046 2492 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll
    15:41:35.0125 2492 srservice - ok
    15:41:35.0156 2492 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    15:41:35.0187 2492 Srv - ok
    15:41:35.0234 2492 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    15:41:35.0296 2492 SSDPSRV - ok
    15:41:35.0343 2492 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll
    15:41:35.0500 2492 stisvc - ok
    15:41:35.0531 2492 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    15:41:35.0640 2492 streamip - ok
    15:41:35.0671 2492 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    15:41:35.0796 2492 swenum - ok
    15:41:35.0812 2492 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    15:41:35.0953 2492 swmidi - ok
    15:41:35.0968 2492 SwPrv - ok
    15:41:35.0984 2492 symc810 - ok
    15:41:36.0000 2492 symc8xx - ok
    15:41:36.0015 2492 sym_hi - ok
    15:41:36.0031 2492 sym_u3 - ok
    15:41:36.0062 2492 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    15:41:36.0187 2492 sysaudio - ok
    15:41:36.0218 2492 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    15:41:36.0359 2492 SysmonLog - ok
    15:41:36.0390 2492 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    15:41:36.0515 2492 TapiSrv - ok
    15:41:36.0625 2492 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    15:41:36.0640 2492 Tcpip - ok
    15:41:36.0687 2492 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    15:41:36.0812 2492 TDPIPE - ok
    15:41:36.0843 2492 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    15:41:36.0953 2492 TDTCP - ok
    15:41:36.0968 2492 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    15:41:37.0093 2492 TermDD - ok
    15:41:37.0156 2492 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll
    15:41:37.0296 2492 TermService - ok
    15:41:37.0328 2492 [ CFB406497D9CF95DFFE17594899FD367 ] Themes C:\WINDOWS\System32\shsvcs.dll
    15:41:37.0453 2492 Themes - ok
    15:41:37.0484 2492 [ 78A2FE13662A119875F10E9FFCB49A8F ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
    15:41:37.0562 2492 TlntSvr - ok
    15:41:37.0578 2492 TosIde - ok
    15:41:37.0593 2492 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll
    15:41:37.0718 2492 TrkWks - ok
    15:41:37.0750 2492 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    15:41:37.0890 2492 Udfs - ok
    15:41:37.0921 2492 [ B37C465EC8029D732CD572B347DACC2E ] UlSata C:\WINDOWS\system32\DRIVERS\ulsata.sys
    15:41:37.0937 2492 UlSata ( UnsignedFile.Multi.Generic ) - warning
    15:41:37.0937 2492 UlSata - detected UnsignedFile.Multi.Generic (1)
    15:41:37.0953 2492 ultra - ok
    15:41:37.0984 2492 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    15:41:38.0125 2492 Update - ok
    15:41:38.0156 2492 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll
    15:41:38.0218 2492 upnphost - ok
    15:41:38.0234 2492 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe
    15:41:38.0375 2492 UPS - ok
    15:41:38.0406 2492 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
    15:41:38.0515 2492 usbaudio - ok
    15:41:38.0593 2492 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    15:41:38.0718 2492 usbccgp - ok
    15:41:38.0750 2492 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    15:41:38.0875 2492 usbehci - ok
    15:41:38.0890 2492 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    15:41:39.0015 2492 usbhub - ok
    15:41:39.0093 2492 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
    15:41:39.0203 2492 usbprint - ok
    15:41:39.0234 2492 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
    15:41:39.0343 2492 usbscan - ok
    15:41:39.0390 2492 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    15:41:39.0500 2492 USBSTOR - ok
    15:41:39.0531 2492 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    15:41:39.0656 2492 usbuhci - ok
    15:41:39.0718 2492 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
    15:41:39.0843 2492 usbvideo - ok
    15:41:39.0859 2492 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    15:41:39.0984 2492 VgaSave - ok
    15:41:40.0000 2492 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys
    15:41:40.0046 2492 viaagp1 - ok
    15:41:40.0046 2492 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
    15:41:40.0187 2492 ViaIde - ok
    15:41:40.0203 2492 [ EBE101C01D80A42868F57B327BE1B564 ] viasraid C:\WINDOWS\system32\DRIVERS\viasraid.sys
    15:41:40.0234 2492 viasraid - ok
    15:41:40.0250 2492 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    15:41:40.0375 2492 VolSnap - ok
    15:41:40.0406 2492 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe
    15:41:40.0484 2492 VSS - ok
    15:41:40.0500 2492 [ C9A8BA443F809B70BCCCCD60CC73FA5C ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys
    15:41:40.0500 2492 vulfnths ( UnsignedFile.Multi.Generic ) - warning
    15:41:40.0500 2492 vulfnths - detected UnsignedFile.Multi.Generic (1)
    15:41:40.0515 2492 [ 2D8C55889616F7767E9FB8ADEE37A02A ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys
    15:41:40.0531 2492 vulfntrs ( UnsignedFile.Multi.Generic ) - warning
    15:41:40.0531 2492 vulfntrs - detected UnsignedFile.Multi.Generic (1)
    15:41:40.0562 2492 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll
    15:41:40.0687 2492 W32Time - ok
    15:41:40.0734 2492 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    15:41:40.0843 2492 Wanarp - ok
    15:41:40.0921 2492 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
    15:41:40.0968 2492 Wdf01000 - ok
    15:41:40.0968 2492 WDICA - ok
    15:41:41.0015 2492 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
    15:41:41.0125 2492 wdmaud - ok
    15:41:41.0156 2492 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll
    15:41:41.0281 2492 WebClient - ok
    15:41:41.0406 2492 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    15:41:41.0531 2492 winmgmt - ok
    15:41:41.0578 2492 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    15:41:41.0640 2492 WmdmPmSN - ok
    15:41:41.0687 2492 [ 93F8EB8C7CD4E325EC92EDBFC545103D ] Wmi C:\WINDOWS\System32\advapi32.dll
    15:41:41.0750 2492 Wmi - ok
    15:41:41.0796 2492 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    15:41:41.0921 2492 WmiApSrv - ok
    15:41:41.0984 2492 [ E3F091C0F8FCF97CCD86FB6C1BEEF185 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
    15:41:42.0062 2492 WMPNetworkSvc - ok
    15:41:42.0078 2492 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
    15:41:42.0109 2492 WpdUsb - ok
    15:41:42.0171 2492 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    15:41:42.0203 2492 WPFFontCache_v0400 - ok
    15:41:42.0250 2492 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    15:41:42.0375 2492 wscsvc - ok
    15:41:42.0406 2492 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    15:41:42.0531 2492 WSTCODEC - ok
    15:41:42.0609 2492 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    15:41:42.0718 2492 wuauserv - ok
    15:41:42.0765 2492 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    15:41:42.0796 2492 WudfPf - ok
    15:41:42.0812 2492 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    15:41:42.0828 2492 WudfRd - ok
    15:41:42.0859 2492 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    15:41:42.0890 2492 WudfSvc - ok
    15:41:42.0921 2492 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    15:41:43.0062 2492 WZCSVC - ok
    15:41:43.0093 2492 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    15:41:43.0218 2492 xmlprov - ok
    15:41:43.0265 2492 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
    15:41:43.0312 2492 yukonwxp - ok
    15:41:43.0328 2492 ================ Scan global ===============================
    15:41:43.0375 2492 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll
    15:41:43.0406 2492 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
    15:41:43.0437 2492 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
    15:41:43.0468 2492 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe
    15:41:43.0468 2492 [Global] - ok
    15:41:43.0484 2492 ================ Scan MBR ==================================
    15:41:43.0500 2492 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk1\DR1
    15:41:43.0656 2492 \Device\Harddisk1\DR1 - ok
    15:41:43.0671 2492 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
    15:41:44.0171 2492 \Device\Harddisk0\DR0 - ok
    15:41:44.0187 2492 ================ Scan VBR ==================================
    15:41:44.0187 2492 [ 03BD67799F6930102A3A21699A9B760A ] \Device\Harddisk1\DR1\Partition1
    15:41:44.0203 2492 \Device\Harddisk1\DR1\Partition1 - ok
    15:41:44.0234 2492 [ C6DA24CD42B0DC84BC1B5AAEF8A5E418 ] \Device\Harddisk1\DR1\Partition2
    15:41:44.0234 2492 \Device\Harddisk1\DR1\Partition2 - ok
    15:41:44.0250 2492 [ DA112F7A5EFEB6B6C31202ED630A7FDA ] \Device\Harddisk0\DR0\Partition1
    15:41:44.0250 2492 \Device\Harddisk0\DR0\Partition1 - ok
    15:41:44.0265 2492 ============================================================
    15:41:44.0265 2492 Scan finished
    15:41:44.0265 2492 ============================================================
    15:41:44.0390 3168 Detected object count: 11
    15:41:44.0390 3168 Actual detected object count: 11
    15:42:50.0953 3168 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:50.0953 3168 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:50.0953 3168 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:50.0953 3168 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:50.0953 3168 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:50.0953 3168 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:50.0953 3168 ATITool ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:50.0953 3168 ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:50.0968 3168 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:50.0968 3168 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:50.0968 3168 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:50.0968 3168 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:50.0968 3168 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:50.0968 3168 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:51.0031 3168 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
    15:42:51.0031 3168 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
    15:42:51.0046 3168 UlSata ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:51.0046 3168 UlSata ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:51.0046 3168 vulfnths ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:51.0046 3168 vulfnths ( UnsignedFile.Multi.Generic ) - User select action: Skip
    15:42:51.0062 3168 vulfntrs ( UnsignedFile.Multi.Generic ) - skipped by user
    15:42:51.0062 3168 vulfntrs ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • You did that well, and fortunately there is no rootkit in the MBR of the HD.

    Do the ESET online scan (click).
    - Click the blue button Run ESET Online Scanner
    - Tick YES, I accept the Terms of Use
    - Click Start
    - Allow the ActiveX control to install.
    - Tick the following options:
      - Remove found threats
      - Scan archives
    - Then click Advanced Settings
      - Scan for potentially unwanted applications
      - Scan for potentially unsafe applications
      - Enable Anti-Stealth technology
    - Click Start

    - The computer is now being scanned. This can take quite a long time, so be patient.
    - When the scan is finished, you may close the window.
    - Then go to C:\Program Files\ESET\ESET Online Scanner (Windows 64-bit: C:\Program Files (x86)\ESET\ESET Online Scanner) and click log.txt there
    - Select, copy and paste the contents of this log into your next post.
    - Note: temporarily disable your own antivirus during the scan; the online scan will then be faster!

    If you use a browser other than IE, you download a small web installer, esetsmartinstaller_enu.exe.
    The ESET Online Scanner will then start in a smaller window; first tick the settings as indicated above.
    Then click the "Start" button - the database will be downloaded first, and once that is done the scan starts.
  • Was ill for a few days and so could not do anything…
    But now I'm back (slightly better)!

    Log:

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6920
    # api_version=3.0.2
    # EOSSerial=1c66fcae4037bd44895c58c83f33470f
    # engine=14860
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2013-08-22 10:00:59
    # local_time=2013-08-22 12:00:59 (+0100, West-Europa (zomertijd))
    # country="Netherlands"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # scanned=49926
    # found=0
    # cleaned=0
    # scan_time=3231
  • Nice result.

    As for that hundred percent CPU, that is possibly not malware-related but caused by a program or its services.

    Download OTL.exe

    Download location: This program must absolutely be downloaded to the desktop, or otherwise moved to the desktop!
    Before OTL.exe starts scanning, first close all other open windows!

    Using OTL.exe:
    Before OTL.exe starts scanning, first close all other open windows!
    - Windows 2000 and Windows XP: double-click OTL.exe.
    - Windows Vista, Windows 7 and Windows 8: right-click OTL.exe and choose "Run as administrator".

    - Tick Scan All Users, LOP Check and PURITY Check.
    - Do not change any other settings in OTL unless I specifically give instructions to do so.
    - Then click the Run Scan button.
    - The scan will not take very long.
      - Only one Notepad window will now be opened when the scan is finished: OTL.Txt.
      - Extras.txt is no longer created now.
      - Then copy the contents of both OTL.txt and Extras.txt and paste that data into your next post.
    Note: if the log does not fit in one post, spread it over two or more posts.
    Note 2: When you post a large log, e.g. from OTL, you are quickly tempted to press the button again because it takes a while.
    Because the forum software needs some time to process such a large log, it can take a while before you get and see a result.
    If you have clicked the button again in the meantime, the post will be posted again!
  • OTL logfile created on: 24-8-2013 13:36:12 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Rikie\Bureaublad
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    1022,73 Mb Total Physical Memory | 668,03 Mb Available Physical Memory | 65,32% Memory free
    2,40 Gb Paging File | 2,11 Gb Available in Paging File | 87,75% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 120,00 Gb Total Space | 106,11 Gb Free Space | 88,42% Space Free | Partition Type: NTFS
    Drive D: | 76,69 Gb Total Space | 69,09 Gb Free Space | 90,09% Space Free | Partition Type: NTFS
    Drive E: | 178,09 Gb Total Space | 157,21 Gb Free Space | 88,28% Space Free | Partition Type: NTFS

    Computer Name: PCBENEDEN | User Name: Rikie | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013-08-24 13:35:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rikie\Bureaublad\OTL.exe
    PRC - [2013-06-08 20:36:24 | 000,202,576 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
    PRC - [2013-06-08 20:36:05 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    PRC - [2012-10-08 17:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    PRC - [2011-01-11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
    PRC - [2011-01-11 19:04:04 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    PRC - [2008-08-29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    PRC - [2008-04-15 14:00:00 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006-12-08 17:23:26 | 003,035,136 | ---- | M] (http://atitool.techpowerup.com) -- C:\Program Files\ATITool\ATITool.exe
    PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013-08-12 11:18:22 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:22 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:22 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:22 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:22 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:22 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:22 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:22 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:22 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
    MOD - [2013-08-12 11:18:22 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
    MOD - [2013-08-12 11:18:22 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
    MOD - [2013-08-12 11:18:22 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
    MOD - [2013-08-12 11:18:21 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:21 | 000,286,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3693.42470__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:21 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:21 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:21 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:21 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3693.42470__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:20 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:20 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Dashboard\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:20 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
    MOD - [2013-08-12 11:18:20 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:20 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:20 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Runtime\2.0.3693.42471__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:19 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:19 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:19 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:19 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:19 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:19 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
    MOD - [2013-08-12 11:18:19 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:19 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:19 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
    MOD - [2013-08-12 11:18:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
    MOD - [2013-08-12 11:18:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
    MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
    MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
    MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
    MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
    MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
    MOD - [2013-08-12 11:18:19 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
    MOD - [2013-08-12 11:18:18 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
    MOD - [2013-08-12 11:18:18 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
    MOD - [2013-08-12 11:18:18 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
    MOD - [2013-08-12 11:18:18 | 000,028,672 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
    MOD - [2013-08-12 11:18:18 | 000,028,672 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
    MOD - [2013-08-12 11:18:18 | 000,024,576 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
    MOD - [2013-08-12 11:18:18 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
    MOD - [2013-08-12 11:18:18 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,503,808 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
    MOD - [2013-08-12 11:18:17 | 000,065,536 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,053,248 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,053,248 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,049,152 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,040,960 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,032,768 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,028,672 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,028,672 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,028,672 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,024,576 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,024,576 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,024,576 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
    MOD - [2013-08-12 11:18:17 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
    MOD - [2013-08-12 11:18:17 | 000,016,384 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
    MOD - [2013-08-12 11:18:16 | 000,544,768 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
    MOD - [2013-08-12 11:18:16 | 000,405,504 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
    MOD - [2013-08-12 11:18:16 | 000,106,496 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
    MOD - [2013-08-12 11:18:16 | 000,081,920 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
    MOD - [2013-08-12 11:18:16 | 000,061,440 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
    MOD - [2013-08-12 11:18:16 | 000,057,344 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
    MOD - [2013-08-12 11:18:16 | 000,045,056 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
    MOD - [2013-08-12 11:18:16 | 000,045,056 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
    MOD - [2013-08-12 11:18:16 | 000,040,960 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
    MOD - [2013-08-12 11:18:16 | 000,032,768 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
    MOD - [2013-08-12 11:18:16 | 000,024,576 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
    MOD - [2013-08-12 11:18:16 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
    MOD - [2013-08-12 11:18:16 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
    MOD - [2013-08-12 11:18:16 | 000,014,848 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
    MOD - [2013-08-12 11:18:16 | 000,013,312 | —- | M] () – C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
    MOD - [2013-08-12 11:18:16 | 000,007,168 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
    MOD - [2013-08-12 11:18:15 | 001,142,784 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
    MOD - [2013-08-12 11:18:15 | 000,081,920 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
    MOD - [2013-08-12 11:18:15 | 000,061,440 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
    MOD - [2013-08-12 11:18:15 | 000,045,056 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
    MOD - [2013-08-12 11:18:15 | 000,040,960 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
    MOD - [2013-08-12 11:18:15 | 000,032,768 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
    MOD - [2013-08-12 11:18:15 | 000,028,672 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
    MOD - [2013-08-12 11:18:15 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
    MOD - [2013-08-12 11:18:15 | 000,020,480 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
    MOD - [2012-10-08 17:04:18 | 000,166,912 | —- | M] () – C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    MOD - [2012-08-06 23:16:51 | 011,817,472 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
    MOD - [2012-08-06 23:14:48 | 000,971,264 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
    MOD - [2012-08-06 23:06:20 | 012,433,920 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
    MOD - [2012-08-06 23:03:28 | 000,303,104 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    MOD - [2012-08-06 23:02:58 | 000,025,600 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
    MOD - [2012-08-06 23:00:45 | 005,450,752 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
    MOD - [2012-08-06 23:00:22 | 001,592,320 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
    MOD - [2012-08-06 22:56:50 | 007,953,408 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
    MOD - [2012-08-06 22:56:32 | 011,492,352 | —- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
    MOD - [2011-11-11 14:08:18 | 007,956,504 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
    MOD - [2011-11-11 14:08:18 | 000,342,552 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
    MOD - [2011-11-11 14:08:18 | 000,128,536 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
    MOD - [2011-11-11 14:08:18 | 000,029,208 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
    MOD - [2011-11-11 14:08:06 | 002,145,304 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
    MOD - [2011-07-24 20:41:15 | 000,446,464 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll
    MOD - [2011-07-24 20:41:14 | 000,303,104 | —- | M] () – C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
    MOD - [2009-11-24 13:36:36 | 000,016,384 | R— | M] () – C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
    MOD - [2007-06-22 00:26:24 | 000,174,592 | —- | M] () – C:\Program Files\ATITool\ATIToolHooks.dll


    ========== Services (SafeList) ==========

    SRV - [2013-08-11 15:24:12 | 000,119,208 | —- | M] (Mozilla Foundation) [On_Demand | Stopped] – C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe – (MozillaMaintenance)
    SRV - [2013-06-08 20:36:24 | 000,202,576 | —- | M] (LogMeIn, Inc.) [Auto | Running] – C:\Program Files\LogMeIn\x86\ramaint.exe – (LMIMaint)
    SRV - [2013-06-08 20:36:05 | 000,375,120 | —- | M] (LogMeIn, Inc.) [Auto | Running] – C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe – (LMIGuardianSvc)
    SRV - [2012-11-09 12:21:24 | 000,160,944 | R— | M] (Skype Technologies) [Auto | Stopped] – C:\Program Files\Skype\Updater\Updater.exe – (SkypeUpdate)
    SRV - [2012-10-08 17:04:18 | 000,166,912 | —- | M] () [Auto | Running] – C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe – (PassThru Service)
    SRV - [2011-01-11 19:04:04 | 000,390,528 | —- | M] (LogMeIn, Inc.) [Auto | Running] – C:\Program Files\LogMeIn\x86\LogMeIn.exe – (LogMeIn)
    SRV - [2008-08-29 15:20:56 | 000,935,208 | —- | M] (Nero AG) [Auto | Running] – C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe – (Nero BackItUp Scheduler 4.0)
    SRV - [2002-09-20 16:50:10 | 000,045,056 | —- | M] (Analog Devices, Inc.) [Auto | Running] – C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe – (SoundMAX Agent Service (default)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] – – (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] – – (PCIDump)
    DRV - File not found [Kernel | System | Stopped] – – (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] – – (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] – – (Changer)
    DRV - File not found [Kernel | On_Demand | Unknown] – – (arojcxw6)
    DRV - [2013-06-08 20:36:07 | 000,086,888 | —- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] – C:\WINDOWS\System32\LMIRfsClientNP.dll – (LMIRfsClientNP)
    DRV - [2013-06-02 22:50:31 | 000,013,624 | —- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] – C:\Program Files\LogMeIn\x86\rainfo.sys – (LMIInfo)
    DRV - [2012-10-08 17:04:18 | 000,021,248 | —- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\htcnprot.sys – (htcnprot)
    DRV - [2012-01-18 08:44:28 | 000,312,096 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\lvrs.sys – (LVRS)
    DRV - [2011-07-24 19:02:52 | 000,682,232 | —- | M] () [Kernel | Boot | Running] – C:\WINDOWS\system32\drivers\sptd.sys – (sptd)
    DRV - [2011-01-11 19:04:04 | 000,047,640 | —- | M] (LogMeIn, Inc.) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\LMIRfsDriver.sys – (LMIRfsDriver)
    DRV - [2010-02-11 09:38:10 | 003,565,056 | —- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)
    DRV - [2009-06-10 09:49:32 | 000,024,576 | —- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ANDROIDUSB.sys – (HTCAND32)
    DRV - [2009-05-01 00:55:56 | 002,687,512 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\LV302V32.SYS – (PID_PEPI)
    DRV - [2009-05-01 00:55:32 | 000,013,976 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\lv302af.sys – (pepifilter)
    DRV - [2007-12-06 09:51:00 | 000,285,952 | —- | M] (Marvell) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\yk51x86.sys – (yukonwxp)
    DRV - [2006-11-10 15:08:50 | 000,024,064 | —- | M] () [Kernel | System | Running] – C:\WINDOWS\system32\drivers\ATITool.sys – (ATITool)
    DRV - [2003-10-31 12:22:38 | 000,077,312 | R— | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] – C:\WINDOWS\system32\drivers\viasraid.sys – (viasraid)
    DRV - [2003-07-02 04:42:00 | 000,027,904 | —- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] – C:\WINDOWS\system32\drivers\VIAAGP1.SYS – (viaagp1)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Google"
    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.startup.homepage: "http://www.google.nl/"
    FF - prefs.js..extensions.enabledAddons: LogMeInClient%40logmein.com:1.0.0.1024
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-08-15 15:41:57 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2011-07-23 20:41:06 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Rikie\Application Data\Mozilla\Extensions
    [2013-07-31 18:35:45 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions
    [2013-06-22 09:46:43 | 000,000,000 | —D | M] (LogMeIn, Inc. Remote Access Plugin) – C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions\LogMeInClient@logmein.com
    [2013-07-31 18:35:45 | 000,824,302 | —- | M] () (No name found) – C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013-08-15 15:41:57 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions
    [2013-08-15 15:41:57 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\browser\extensions
    [2013-08-17 15:37:55 | 000,000,000 | —D | M] (Default) – C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013-08-15 13:12:30 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\updated\browser\extensions
    [2013-08-15 13:12:39 | 000,000,000 | —D | M] (Default) – C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR - homepage: http://www.google.nl/
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
    CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
    CHR - Extension: Google Drive = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Zoeken = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,776 | —- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [ATITool] C:\Program Files\ATITool\ATITool.exe (http://atitool.techpowerup.com)
    O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
    O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    O4 - HKLM..\Run: [PtiuPbmd] C:\WINDOWS\System32\ptipbm.dll (Promise Technology,Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe ()
    O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe ()
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1311443915156 (WUWebControl Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.35.25 212.54.40.25
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEF861B3-C2A0-4CDB-A15F-B3B193C142F0}: DhcpNameServer = 212.54.35.25 212.54.40.25
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
    O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\Rikie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rikie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011-07-23 18:38:30 | 000,000,000 | —- | M] () - C:\AUTOEXEC.BAT – [ NTFS ]
    O33 - MountPoints2\{5026997b-dd78-11e2-9331-00112fe32cd5}\Shell - "" = AutoRun
    O33 - MountPoints2\{5026997b-dd78-11e2-9331-00112fe32cd5}\Shell\AutoRun\command - "" = I:\HTC_Sync_Manager_PC.exe
    O33 - MountPoints2\{cc4f34d2-fe76-11e2-9392-00112fe32cd5}\Shell - "" = AutoRun
    O33 - MountPoints2\{cc4f34d2-fe76-11e2-9392-00112fe32cd5}\Shell\AutoRun\command - "" = I:\HTC_Sync_Manager_PC.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O37 - HKLM\…com [@ = comfile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013-08-24 13:35:07 | 000,602,112 | —- | C] (OldTimer Tools) – C:\Documents and Settings\Rikie\Bureaublad\OTL.exe
    [2013-08-22 11:05:28 | 000,000,000 | —D | C] – C:\Program Files\ESET
    [2013-08-22 11:05:19 | 002,347,384 | —- | C] (ESET) – C:\Documents and Settings\Rikie\Bureaublad\esetsmartinstaller_enu.exe
    [2013-08-15 15:41:55 | 000,000,000 | —D | C] – C:\Program Files\Mozilla Firefox
    [2013-08-15 15:39:03 | 000,000,000 | —D | C] – C:\TDSSKiller_Quarantine
    [2013-08-15 13:10:03 | 000,000,000 | —D | C] – C:\Program Files\Common Files\Java
    [2013-08-13 17:47:39 | 000,000,000 | —D | C] – C:\WINDOWS\ERUNT
    [2013-08-12 13:09:57 | 000,000,000 | —D | C] – C:\Documents and Settings\Rikie\Application Data\Malwarebytes
    [2013-08-12 13:09:50 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware
    [2013-08-12 13:09:49 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2013-08-12 13:09:48 | 000,022,856 | —- | C] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbam.sys
    [2013-08-12 13:09:48 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes' Anti-Malware
    [2013-08-12 13:02:40 | 000,692,104 | —- | C] (Adobe Systems Incorporated) – C:\WINDOWS\System32\FlashPlayerApp.exe
    [2013-08-12 13:02:40 | 000,071,048 | —- | C] (Adobe Systems Incorporated) – C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2013-08-12 12:33:57 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome
    [2013-08-12 11:57:18 | 000,000,000 | —D | C] – C:\WINDOWS\System32\Macromed
    [2013-08-12 11:19:39 | 000,000,000 | —D | C] – C:\Documents and Settings\Rikie\Local Settings\Application Data\ATI
    [2013-08-12 11:19:39 | 000,000,000 | —D | C] – C:\Documents and Settings\Rikie\Application Data\ATI
    [2013-08-12 11:19:39 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Application Data\ATI
    [2013-08-12 11:18:14 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programma's\Catalyst Control Center
    [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013-08-24 13:38:00 | 000,001,042 | —- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013-08-24 13:35:07 | 000,602,112 | —- | M] (OldTimer Tools) – C:\Documents and Settings\Rikie\Bureaublad\OTL.exe
    [2013-08-24 13:26:59 | 000,001,038 | —- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013-08-24 13:26:50 | 000,002,048 | –S- | M] () – C:\WINDOWS\bootstat.dat
    [2013-08-22 20:42:10 | 000,003,181 | —- | M] () – C:\Documents and Settings\Rikie\intlname.ols
    [2013-08-22 11:05:19 | 002,347,384 | —- | M] (ESET) – C:\Documents and Settings\Rikie\Bureaublad\esetsmartinstaller_enu.exe
    [2013-08-20 16:01:01 | 000,000,284 | —- | M] () – C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013-08-17 15:38:15 | 000,000,742 | —- | M] () – C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2013-08-17 15:38:07 | 000,000,724 | —- | M] () – C:\Documents and Settings\All Users\Bureaublad\Mozilla Firefox.lnk
    [2013-08-16 16:48:16 | 000,001,988 | -H– | M] () – D:\Documenten\Rikie\Default.rdp
    [2013-08-16 16:21:21 | 000,002,206 | —- | M] () – C:\WINDOWS\System32\wpa.dbl
    [2013-08-12 13:09:50 | 000,000,784 | —- | M] () – C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk
    [2013-08-12 13:02:40 | 000,692,104 | —- | M] (Adobe Systems Incorporated) – C:\WINDOWS\System32\FlashPlayerApp.exe
    [2013-08-12 13:02:40 | 000,071,048 | —- | M] (Adobe Systems Incorporated) – C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2013-08-12 12:53:30 | 000,001,831 | —- | M] () – C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013-08-05 17:08:30 | 000,002,523 | —- | M] () – C:\Documents and Settings\Rikie\Bureaublad\Microsoft Office Word 2003.lnk
    [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013-08-12 13:09:50 | 000,000,784 | —- | C] () – C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk
    [2013-08-12 12:33:57 | 000,001,831 | —- | C] () – C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013-08-12 12:33:31 | 000,001,042 | —- | C] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013-08-12 12:33:31 | 000,001,038 | —- | C] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012-08-06 22:32:22 | 000,003,072 | —- | C] () – C:\WINDOWS\System32\iacenc.dll
    [2012-08-05 17:57:07 | 000,005,632 | —- | C] () – C:\Documents and Settings\Rikie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012-08-01 20:34:18 | 000,028,418 | —- | C] () – C:\WINDOWS\System32\lvcoinst.ini
    [2011-07-25 18:39:25 | 000,003,181 | —- | C] () – C:\Documents and Settings\Rikie\intlname.ols

    ========== ZeroAccess Check ==========

    [2011-07-24 20:39:49 | 000,000,227 | RHS- | M] () – C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll – [2008-04-15 14:00:00 | 001,499,136 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll – [2009-02-09 12:56:06 | 000,473,600 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll – [2008-04-15 14:00:00 | 000,273,920 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2013-06-25 11:19:25 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\HTC
    [2011-07-24 19:16:37 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\LightScribe
    [2013-08-24 09:22:07 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\LogMeIn
    [2013-06-27 14:04:02 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Application Data\Trusteer
    [2013-03-19 21:32:06 | 000,000,000 | —D | M] – C:\Documents and Settings\Rikie\Application Data\Belastingdienst
    [2012-07-09 21:26:51 | 000,000,000 | —D | M] – C:\Documents and Settings\Rikie\Application Data\ImgBurn
    [2012-08-01 20:35:22 | 000,000,000 | —D | M] – C:\Documents and Settings\Rikie\Application Data\Leadertech

    ========== Purity Check ==========



    < End of report >
  • And:

    OTL Extras logfile created on: 24-8-2013 13:36:12 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Rikie\Bureaublad
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    1022,73 Mb Total Physical Memory | 668,03 Mb Available Physical Memory | 65,32% Memory free
    2,40 Gb Paging File | 2,11 Gb Available in Paging File | 87,75% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 120,00 Gb Total Space | 106,11 Gb Free Space | 88,42% Space Free | Partition Type: NTFS
    Drive D: | 76,69 Gb Total Space | 69,09 Gb Free Space | 90,09% Space Free | Partition Type: NTFS
    Drive E: | 178,09 Gb Total Space | 157,21 Gb Free Space | 88,28% Space Free | Partition Type: NTFS

    Computer Name: PCBENEDEN | User Name: Rikie | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] – rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_USERS\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] – C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] – "%1" %*
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] – "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] – "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] – %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] – %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "UpdatesDisableNotify" = 1
    "AntiVirusDisableNotify" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 – (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 – (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 – (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 – (Microsoft Corporation)
    "C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox – (Mozilla Corporation)
    "C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD – (Logitech Inc.)
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype – (Skype Technologies S.A.)
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit – (Apple Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
    "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
    "{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
    "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
    "{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
    "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
    "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
    "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
    "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
    "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
    "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
    "{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
    "{220C5102-2566-337F-9E9B-C81C5C761BA2}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - NLD
    "{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
    "{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
    "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
    "{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
    "{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
    "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
    "{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
    "{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
    "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
    "{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
    "{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
    "{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
    "{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
    "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
    "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
    "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57573545-74EB-46D2-B362-AA05364E4ED8}" = LogMeIn
    "{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
    "{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
    "{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}" = IPTInstaller
    "{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
    "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
    "{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
    "{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
    "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C788975-88ED-3C52-A188-6C944E9BD07D}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - NLD
    "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
    "{8e71ec43-ee30-4608-9a3a-cbe3c2c7f17d}" = Nero 9
    "{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003
    "{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
    "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
    "{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard
    "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
    "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
    "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
    "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A395750A-78D7-36D1-A59D-1A0B601D4BDC}" = Microsoft .NET Framework 3.5 Language Pack - nld
    "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
    "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Nederlands
    "{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
    "{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
    "{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite
    "{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
    "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
    "{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
    "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
    "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
    "{D22AFEDF-6A5B-459D-A9EA-D16E422E4C18}" = Nokia Connectivity Cable Driver
    "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech-webcamsoftware
    "{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
    "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
    "{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
    "{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
    "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
    "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
    "{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
    "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
    "Aangifte inkomstenbelasting 2011" = Aangifte inkomstenbelasting 2011
    "Aangifte inkomstenbelasting 2012" = Aangifte inkomstenbelasting 2012
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "All ATI Software" = ATI - Software-verwijderprogramma
    "ATI Display Driver" = ATI Display Driver
    "ATITool" = ATITool Overclocking Utility
    "Digital Editions" = Adobe Digital Editions
    "DivX Setup.divx.com" = DivX Setup
    "ESET Online Scanner" = ESET Online Scanner v3
    "Google Chrome" = Google Chrome
    "HD Tune_is1" = HD Tune 2.55
    "ie8" = Windows Internet Explorer 8
    "ImgBurn" = ImgBurn
    "IrfanView" = IrfanView (remove only)
    "Logitech Vid" = Logitech Vid HD
    "lvdrivers_12.10" = Logitech Webcam Software-stuurprogrammapakket
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.75.0.1300
    "Microsoft .NET Framework 3.5 Language Pack - nld" = Taalpakket voor Microsoft .NET Framework 3.5 - NL
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Mozilla Firefox 23.0.1 (x86 nl)" = Mozilla Firefox 23.0.1 (x86 nl)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "VLC media player" = VLC media player 1.1.11
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "WinRAR archiver" = WinRAR 4.01 (32-bit)
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 30-6-2013 13:49:45 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11500
    Description = Product: QuickTime – Fout 1500. Er wordt al een andere installatie
    uitgevoerd. U moet deze installatie voltooien als u door wilt gaan.

    Error - 30-6-2013 13:49:46 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11500
    Description = Product: QuickTime – Fout 1500. Er wordt al een andere installatie
    uitgevoerd. U moet deze installatie voltooien als u door wilt gaan.

    Error - 30-6-2013 13:49:46 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11500
    Description = Product: QuickTime – Fout 1500. Er wordt al een andere installatie
    uitgevoerd. U moet deze installatie voltooien als u door wilt gaan.

    Error - 12-8-2013 5:13:47 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404
    Description = Product: ESET NOD32 Antivirus – Probleem 1404. Kon sleutel \Software\ESET\ESET
    Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.

    Error - 12-8-2013 5:13:47 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404
    Description = Product: ESET NOD32 Antivirus – Probleem 1404. Kon sleutel \Software\ESET\ESET
    Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.

    Error - 12-8-2013 5:13:48 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404
    Description = Product: ESET NOD32 Antivirus – Probleem 1404. Kon sleutel \Software\ESET\ESET
    Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.

    Error - 12-8-2013 5:13:48 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404
    Description = Product: ESET NOD32 Antivirus – Probleem 1404. Kon sleutel \Software\ESET\ESET
    Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.

    Error - 14-8-2013 8:38:47 | Computer Name = PCBENEDEN | Source = crypt32 | ID = 131083
    Description = Het uitpakken van een basislijst uit de cab voor automatische updates
    is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    met de fout: Een vereist certificaat valt niet binnen de geldigheidsperiode als
    gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende
    bestand.

    Error - 14-8-2013 8:38:47 | Computer Name = PCBENEDEN | Source = crypt32 | ID = 131083
    Description = Het uitpakken van een basislijst uit de cab voor automatische updates
    is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    met de fout: Een vereist certificaat valt niet binnen de geldigheidsperiode als
    gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende
    bestand.

    Error - 16-8-2013 19:11:45 | Computer Name = PCBENEDEN | Source = Application Hang | ID = 1002
    Description = Vastgelopen toepassing: WINWORD.EXE, versie: 11.0.8345.0, vastgelopen
    module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    [ System Events ]
    Error - 24-7-2013 13:49:30 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7038
    Description = De RemoteRegistry-service kan niet als NT AUTHORITY\LocalService met
    het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%5

    Gebruik
    de module Services in de Microsoft Management Console (MMC) om te controleren of
    de service juist is geconfigureerd.

    Error - 24-7-2013 13:49:30 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7000
    Description = De Remote Registry-service kan vanwege de volgende fout niet worden
    gestart: %%1069

    Error - 2-8-2013 9:44:26 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7038
    Description = De RemoteRegistry-service kan niet als NT AUTHORITY\LocalService met
    het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%5

    Gebruik
    de module Services in de Microsoft Management Console (MMC) om te controleren of
    de service juist is geconfigureerd.

    Error - 2-8-2013 9:44:26 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7000
    Description = De Remote Registry-service kan vanwege de volgende fout niet worden
    gestart: %%1069

    Error - 6-8-2013 5:54:11 | Computer Name = PCBENEDEN | Source = WPDMTPDriver | ID = 80836
    Description = MTP WPD Driver has failed to start. Error 0x8007001f.

    Error - 17-8-2013 9:28:53 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7032
    Description = Servicebesturingsbeheer heeft na het onverwachte afsluiten van de
    Windows Management Instrumentation-service geprobeerd een herstelactie (Service
    opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt:
    %%1056


    < End of report >
