anoniem Geplaatst: 12 augustus 2013 Delen Geplaatst: 12 augustus 2013 Beste heren en dames, Op de volgende pc (van mijn moeder): Amd Sempron 3000+ 1GB RAM ASUS K8V SE Deluxe Ati Radeon X800 Windows XP Pro SP3 Heb ik de volgende 2 problemen die ik maar niet op kan lossen: 1. Na het opstarten draait de pc ca. 5 min op 100% cpu-gebruik, veroorzaakt door svchost.exe. Ik dacht eerst aan de virusscanner (NOD32), maar na het verwijderen hiervan nog steeds. MBAM geeft geen nieuws. 2. Al geruime tijd zijn flash filmpjes op verschillende websites verschrikkelijk traag/schokkerig/blokkerig. Ik heb al geexperimenteerd met verschillende versies van Flash en met het aan en uit zetten van hardwareversnelling, zonder resultaat. Zowel in FF als in IE als in Chrome. Wie weet raad? Quote Link naar reactie
anoniem Geplaatst: 12 augustus 2013 Auteur Delen Geplaatst: 12 augustus 2013 Is jouw antivirus gekocht of geaktiveerd met Fix? Graag de drie logs in één keer posten. [color=#008000:108d0cc355][b:108d0cc355]Stap •1•[/b:108d0cc355][/color:108d0cc355] [b:108d0cc355]Welk programma[/b:108d0cc355]: [img:108d0cc355]http://www.imgdumper.nl/uploads7/51e27edfbcfc0/51e27edfbcbdc-AdwCleaner_icon_Canned_1349013334.jpg[/img:108d0cc355][color=#008000:108d0cc355][b:108d0cc355] AdwCleaner[/b:108d0cc355][/color:108d0cc355] [b:108d0cc355]Waarvoor/waarom[/b:108d0cc355]: Scanner om Windows op te schonen en te ontdoen van malafide toolbars. [b:108d0cc355]Moeilijkheidsgraad[/b:108d0cc355]: Geen. [b:108d0cc355]Downloadlokatie[/b:108d0cc355]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen! [b:108d0cc355]Download[/b:108d0cc355]: [url=http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner][b:108d0cc355]AdwCleaner by Xplode[/b:108d0cc355][/url]. [b:108d0cc355]Opmerkingen[/b:108d0cc355]: [list:108d0cc355]Alle openstaande programma's en webpagina's dienen afgesloten te zijn. [*:108d0cc355]Dat na opstarten van [b:108d0cc355]AdwCleaner[/b:108d0cc355] de snelkoppelingen verdwijnen van bureaublad, is normaal.[/list:u:108d0cc355] [b:108d0cc355]AdwCleaner opstarten[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355][b:108d0cc355][color=#0000FF:108d0cc355]Windows 2000[/color:108d0cc355][/b:108d0cc355] en [color=#0000FF:108d0cc355][b:108d0cc355]Windows XP[/b:108d0cc355][/color:108d0cc355]: dubbelklik op adwcleaner.exe. [*:108d0cc355][color=#0000FF:108d0cc355][b:108d0cc355]Windows Vista[/b:108d0cc355][/color:108d0cc355], [color=#0000FF:108d0cc355][b:108d0cc355]Windows 7[/b:108d0cc355][/color:108d0cc355] en [color=#0000FF:108d0cc355][b:108d0cc355]Windows 8[/b:108d0cc355][/color:108d0cc355]: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".[/list:u:108d0cc355] [b:108d0cc355]AdwCleaner is opgestart[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355]Klik op de knop [b:108d0cc355]Verwijderen[/b:108d0cc355] [*:108d0cc355]Klik bij [b:108d0cc355]AdwCleaner – Afsluiting van de programma's[/b:108d0cc355] op [b:108d0cc355]OK[/b:108d0cc355] [*:108d0cc355]Klik bij [b:108d0cc355]AdwCleaner – Herstarten noodzakelijk[/b:108d0cc355] op [b:108d0cc355]OK[/b:108d0cc355][/list:u:108d0cc355] [b:108d0cc355]AdwCleaner logbestand[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355]Nadat de PC opnieuw is opgestart, opent een logfile. [*:108d0cc355]Post vervolgens de inhoud van dit log in je volgende bericht.[/list:u:108d0cc355] [color=#008000:108d0cc355][b:108d0cc355]Stap •2•[/b:108d0cc355][/color:108d0cc355] [b:108d0cc355]Welk programma[/b:108d0cc355]: [img:108d0cc355]http://www.imgdumper.nl/uploads7/51e281a62c587/51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg[/img:108d0cc355][color=#008000:108d0cc355][b:108d0cc355] Junkware Removal Tool by Thisisu[/b:108d0cc355][/color:108d0cc355] [b:108d0cc355]Waarvoor/waarom[/b:108d0cc355]: Scanner om Windows o.a. te ontdoen van malafide toolbars. [b:108d0cc355]Moeilijkheidsgraad[/b:108d0cc355]: Geen. [b:108d0cc355]Downloadlokatie[/b:108d0cc355]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen! [b:108d0cc355]Download[/b:108d0cc355]: [url=http://thisisudax.org/downloads/JRT.exe][b:108d0cc355]JRT.exe[/b:108d0cc355][/url]. [b:108d0cc355]Opmerkingen[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355]Alle openstaande programma's en webpagina's dienen afgesloten te zijn. [*:108d0cc355]Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.: [*:108d0cc355][url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:108d0cc355][color=#0000FF:108d0cc355]Hier[/color:108d0cc355][/b:108d0cc355][/url] en [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][b:108d0cc355][color=#0000FF:108d0cc355]hier[/color:108d0cc355][/b:108d0cc355][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [*:108d0cc355]Dat tijdens de scan van [b:108d0cc355]JRT.exe[/b:108d0cc355] tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.[/list:u:108d0cc355] [b:108d0cc355]Junkware Removal Tool by Thisisu opstarten[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355][b:108d0cc355][color=#0000FF:108d0cc355]Windows 2000[/color:108d0cc355][/b:108d0cc355] en [color=#0000FF:108d0cc355][b:108d0cc355]Windows XP[/b:108d0cc355][/color:108d0cc355]: dubbelklik op [b:108d0cc355]JRT.exe[/b:108d0cc355]. [*:108d0cc355][color=#0000FF:108d0cc355][b:108d0cc355]Windows Vista[/b:108d0cc355][/color:108d0cc355], [color=#0000FF:108d0cc355][b:108d0cc355]Windows 7[/b:108d0cc355][/color:108d0cc355] en [color=#0000FF:108d0cc355][b:108d0cc355]Windows 8[/b:108d0cc355][/color:108d0cc355]: via rechtsklik op [b:108d0cc355]JRT.exe[/b:108d0cc355] en kies voor "Als Administrator uitvoeren". [*:108d0cc355][b:108d0cc355]JRT.exe[/b:108d0cc355] zal daarna Windows gaan scannen. [*:108d0cc355]Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig. [*:108d0cc355]Indien de scan voltooid is, zal een logje ([b:108d0cc355]JRT.txt[/b:108d0cc355]) op het bureaublad opgeslagen worden en automatisch openen. [*:108d0cc355]Post de inhoud van dit log in je volgende bericht.[/list:u:108d0cc355] [color=#008000:108d0cc355][b:108d0cc355]Stap •3•[/b:108d0cc355] [/color:108d0cc355][b:108d0cc355]Welk programma[/b:108d0cc355]: [img:108d0cc355]http://www.imgdumper.nl/uploads6/51c58e5decb73/51c58e5dea07b-Mbam_resized.png[/img:108d0cc355][color=#008000:108d0cc355][b:108d0cc355] Malwarebytes MBAM[/b:108d0cc355][/color:108d0cc355] [b:108d0cc355]Waarvoor/waarom[/b:108d0cc355]: gratis specialistische ondemandscanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:108d0cc355]Moeilijkheidsgraad[/b:108d0cc355]: geen. [b:108d0cc355]Download: [url=http://www.malwarebytes.org/mbam/program/mbam-setup.exe]Malwarebytes MBAM[/b:108d0cc355][/url] [b:108d0cc355]Allereerst[/b:108d0cc355]:[list:108d0cc355][*:108d0cc355] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus. [*:108d0cc355] Ook bij herhaald gebruik: eerst [b:108d0cc355]Malwarebytes MBAM[/b:108d0cc355] updaten via de tab 'Update'![/list:u:108d0cc355] [b:108d0cc355]Malwarebytes MBAM opstarten[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355]Sluit nu eerst alle nog openstaande programmavensters! [*:108d0cc355][b:108d0cc355][color=#0000FF:108d0cc355]Windows 2000[/color:108d0cc355][/b:108d0cc355] en [color=#0000FF:108d0cc355][b:108d0cc355]Windows XP[/b:108d0cc355][/color:108d0cc355]: dubbelklik op de MBAM -snelkoppeling. [*:108d0cc355][color=#0000FF:108d0cc355][b:108d0cc355]Windows Vista[/b:108d0cc355][/color:108d0cc355], [color=#0000FF:108d0cc355][b:108d0cc355]Windows 7[/b:108d0cc355][/color:108d0cc355] en [color=#0000FF:108d0cc355][b:108d0cc355]Windows 8[/b:108d0cc355][/color:108d0cc355]: rechtsklik op de MBAM-snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:108d0cc355] [b:108d0cc355]Let op:[/b:108d0cc355] [list:108d0cc355][*:108d0cc355]Malwarebytes MBAM verstrekt nu de volledige versie van MBAM. [*:108d0cc355]Bij de eerste start kijg je de mogelijkheid de gratis probeerversie van Malwarebytes AntiMalware tijdelijk te gebruiken. [*:108d0cc355]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan voor de gratis versie te gaan en dus het vinkje bij de probeerversie te verwijderen. [*:108d0cc355]Zodoende zal Malwarebytes MBAM als gratis versie verder te gebruiken zijn[/list:u:108d0cc355] [b:108d0cc355]Doe ook nog het volgende:[/b:108d0cc355] [list:108d0cc355][*:108d0cc355]Zodra het programma gestart is, ga dan naar het tabblad "[b:108d0cc355]Instellingen[/b:108d0cc355]". [*:108d0cc355]Vink hier aan: "[b:108d0cc355]Sluit Internet Explorer tijdens verwijdering van malware[/b:108d0cc355]".[/list:u:108d0cc355] [b:108d0cc355]Scannen[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355] Bij het starten [b:108d0cc355]Malwarebytes MBAM[/b:108d0cc355] kies je voor 'Snelle Scan'. [*:108d0cc355]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'. [*:108d0cc355]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:108d0cc355] [b:108d0cc355]Infecties gevonden[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355]Klik nu eerst op OK om de melding weg te klikken [*:108d0cc355]Klik vervolgens rechtsonder op de knop Bekijk resultaten. [*:108d0cc355]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde. [*:108d0cc355]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [*:108d0cc355]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken! [*:108d0cc355]Daarna zal [b:108d0cc355]Malwarebytes MBAM[/b:108d0cc355] vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:108d0cc355] [b:108d0cc355]MBAM-Log[/b:108d0cc355]: [list:108d0cc355][*:108d0cc355] Het log wordt automatisch bewaard door [b:108d0cc355]Malwarebytes MBAM[/b:108d0cc355] en dat kan je terugvinden door in het hoofdmenu van [b:108d0cc355]Malwarebytes MBAM[/b:108d0cc355] op de tab 'Logbestanden' te klikken.[/list:u:108d0cc355] Post aansluitend in je volgende bericht de inhoud van het MBAM-log. Quote Link naar reactie
anoniem Geplaatst: 13 augustus 2013 Auteur Delen Geplaatst: 13 augustus 2013 Thanks voor je reactie! Ik woon niet mijn mn moeder, dus het lukte me niet eerder... Adwcleaner: [code:1:9bf6478a61]# AdwCleaner v2.306 - Verslag gemaakt op 13/08/2013 om 17:42:33 # Geactualiseerd op 19/07/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijderd : C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\searchplugins\Askcom.xml Map Verwijderd : C:\Documents and Settings\All Users\Application Data\Ask ***** [Register] ***** Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar Sleutel Verwijderd : HKLM\Software\TENCENT Waarde Verwijderd : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1] ***** [Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v22.0 (nl) File : C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\prefs.js Verwijderd : user_pref("browser.search.order.1", "Ask.com"); -\\ Google Chrome v28.0.1500.95 File : C:\Documents and Settings\\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [2008 octets] - [13/08/2013 17:42:11] AdwCleaner[S1].txt - [1964 octets] - [13/08/2013 17:42:33] ########## EOF - C:\AdwCleaner[S1].txt - [2024 octets] ########## [/code:1:9bf6478a61] JTR: [code:1:9bf6478a61]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.4.4 (08.12.2013:1) OS: Microsoft Windows XP x86 Ran by on di 13-08-2013 at 17:47:46,76 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FA2BD296-1BE4-46E3-89A5-2F7B83324C74} ~~~ Files ~~~ Folders ~~~ Chrome Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on di 13-08-2013 at 17:52:13,40 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [/code:1:9bf6478a61] MBAM: [code:1:9bf6478a61]Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.08.12.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 [administrator] 13-8-2013 17:52:59 MBAM-log-2013-08-13 (17-59-02).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 227084 Verstreken tijd: 5 minuut/minuten, 23 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 2 HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Geen actie ondernomen. HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Geen actie ondernomen. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) [/code:1:9bf6478a61] Edit: na een reboot gecheckt: nog steeds 100% cpu voor een paar minuten... Quote Link naar reactie
anoniem Geplaatst: 13 augustus 2013 Auteur Delen Geplaatst: 13 augustus 2013 Doe nu dan het volgende: [b:c048badec3]Welk programma[/b:c048badec3]: [img:c048badec3]http://www.imgdumper.nl/uploads7/51f8d0367469c/51f8d03670fd5-RogueKiller_icon_Canned_def.jpg[/img:c048badec3][color=#008000:c048badec3][b:c048badec3] RogueKiller[/b:c048badec3][/color:c048badec3] [b:c048badec3]Waarvoor/waarom[/b:c048badec3]: gratis specialistische scanner om lopende processen te scannen en om malware processen te kunnen uitschakelen. [b:c048badec3]Moeilijkheidsgraad[/b:c048badec3]: geen. [b:c048badec3]Download: [url=http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe]RogueKiller 32 bit (x86)[/url] of [url=http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe]RogueKiller 64 bit (x64)[/url][/b:c048badec3] [b:c048badec3]RogueKiller opstarten[/b:c048badec3]: [list:c048badec3][*:c048badec3]Sluit nu eerst alle nog openstaande programmavensters! [*:c048badec3][b:c048badec3][color=#0000FF:c048badec3]Windows 2000[/color:c048badec3][/b:c048badec3] en [color=#0000FF:c048badec3][b:c048badec3]Windows XP[/b:c048badec3][/color:c048badec3]: dubbelklik op RogueKiller.exe. [*:c048badec3][color=#0000FF:c048badec3][b:c048badec3]Windows Vista[/b:c048badec3][/color:c048badec3], [color=#0000FF:c048badec3][b:c048badec3]Windows 7[/b:c048badec3][/color:c048badec3] en [color=#0000FF:c048badec3][b:c048badec3]Windows 8[/b:c048badec3][/color:c048badec3]: rechtsklik op RogueKiller.exe en dan kiezen voor Als Administrator uitvoeren.[/list:u:c048badec3] [b:c048badec3]Scannen[/b:c048badec3]: [list:c048badec3][*:c048badec3][b:c048badec3]Sluit voordat RogueKiller gaat scannen, eerst alle andere openstaande vensters![/b:c048badec3] [*:c048badec3]Na opstarten begint RogueKiller meteen een pre-scan, dus wacht tot de scan klaar is. [*:c048badec3]Let op - activeer de volgende opties in RogueKiller: [list:c048badec3] [*:c048badec3] MBR Scan [*:c048badec3] Check Faked [*:c048badec3] Anti-Rootkit[/list:u:c048badec3] [*:c048badec3]Klik vervolgens op de knop [b:c048badec3]Scan[/b:c048badec3] [*:c048badec3]Wacht tot het einde van de scan. [*:c048badec3]Een log wordt aangemaakt en geplaatst op het bureaublad.[/list:u:c048badec3] [b:c048badec3]Hoe nu verder[/b:c048badec3]: [list:c048badec3][*:c048badec3][b:c048badec3][color=#008000:c048badec3]Doe verder nog niks maar plaats eerst de inhoud van dat log in jouw volgende bericht en sluit RogueKiller.[/color:c048badec3][/b:c048badec3][/list:u:c048badec3] Quote Link naar reactie
anoniem Geplaatst: 14 augustus 2013 Auteur Delen Geplaatst: 14 augustus 2013 Logje: [code:1:2583c74ec1]RogueKiller V8.6.5 [Aug 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ besturingssysteem : Windows XP (5.1.2600 Service Pack 3) 32 bits version Gestart vanuit : Normale modus Gebruiker : Rikie [Administrator rechten] Modus : Scan -- Datum : 08/14/2013 14:39:32 | ARK || FAK || MBR | ¤¤¤ Kwaadaardige processen : 0 ¤¤¤ ¤¤¤ Register verwijzingen : 7 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> gevonden [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> gevonden [HJ SECU] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> gevonden [HJ SECU] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> gevonden [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> gevonden [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> gevonden [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden ¤¤¤ geplande taken : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ webbrowsers : 0 ¤¤¤ ¤¤¤ Speciale Files / Folders: ¤¤¤ ¤¤¤ Driver : [Geladen] ¤¤¤ ¤¤¤ Externe Hives: ¤¤¤ ¤¤¤ Infectie : ¤¤¤ ¤¤¤ HOSTS Bestand: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Controle: ¤¤¤ +++++ PhysicalDrive0: HDS728080PLAT20 +++++ --- User --- [MBR] c34d3e47d21041e057960e0f97f58f5f [BSP] 860f41f9c704aff60a781fa0af1b6f86 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78530 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: HDS728080PLAT20 +++++ --- User --- [MBR] cb32521b5d688e4edaa2a44592b92b6a [BSP] 6d66002a8d6974c383976245bbe2ae3a : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 122879 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 251658225 | Size: 182362 Mo User = LL1 ... OK! Error reading LL2 MBR! Gereed : << RKreport[0]_S_08142013_143932.txt >> [/code:1:2583c74ec1] Quote Link naar reactie
anoniem Geplaatst: 14 augustus 2013 Auteur Delen Geplaatst: 14 augustus 2013 Is de HD - PhysicalDrive1: HDS728080PLAT20 - extern aangesloten? Quote Link naar reactie
anoniem Geplaatst: 14 augustus 2013 Auteur Delen Geplaatst: 14 augustus 2013 Nee, is een interne dataschijf, PATA geloof ik. Why? Edit: I stand corrected. Numero 1 is een SATA schijf van Samsung, 2 partities waarvan 1 Windows en 1 data. Ik raakte in de war door de naam (HDS) omdat de andere een 80Gb PATA Hitachi is (HDS dus) Quote Link naar reactie
anoniem Geplaatst: 14 augustus 2013 Auteur Delen Geplaatst: 14 augustus 2013 Oké. [img:9b525e3e43]http://www.imgdumper.nl/uploads7/51f8d0367469c/51f8d03670fd5-RogueKiller_icon_Canned_def.jpg[/img:9b525e3e43][b:9b525e3e43] RogueKiller opstarten[/b:9b525e3e43]: [list:9b525e3e43][*:9b525e3e43]Sluit nu eerst alle nog openstaande programmavensters! [*:9b525e3e43][b:9b525e3e43][color=#0000FF:9b525e3e43]Windows 2000[/color:9b525e3e43][/b:9b525e3e43] en [color=#0000FF:9b525e3e43][b:9b525e3e43]Windows XP[/b:9b525e3e43][/color:9b525e3e43]: dubbelklik op RogueKiller.exe. [*:9b525e3e43][color=#0000FF:9b525e3e43][b:9b525e3e43]Windows Vista[/b:9b525e3e43][/color:9b525e3e43], [color=#0000FF:9b525e3e43][b:9b525e3e43]Windows 7[/b:9b525e3e43][/color:9b525e3e43] en [color=#0000FF:9b525e3e43][b:9b525e3e43]Windows 8[/b:9b525e3e43][/color:9b525e3e43]: rechtsklik op RogueKiller.exe en dan kiezen voor Als Administrator uitvoeren.[/list:u:9b525e3e43] [b:9b525e3e43]Scannen[/b:9b525e3e43]: [list:9b525e3e43][*:9b525e3e43][b:9b525e3e43]Sluit voordat RogueKiller gaat scannen, eerst alle andere openstaande vensters![/b:9b525e3e43] [*:9b525e3e43]Na opstarten begint RogueKiller meteen een pre-scan, dus wacht tot de scan klaar is. [*:9b525e3e43]Let op - activeer de volgende opties in RogueKiller: [list:9b525e3e43] [*:9b525e3e43]MBR Scan [*:9b525e3e43]Check Faked [*:9b525e3e43]Anti-Rootkit[/list:u:9b525e3e43] [*:9b525e3e43]Klik vervolgens op de knop [b:9b525e3e43]Scan[/b:9b525e3e43] [*:9b525e3e43]Wacht tot het einde van de scan. [*:9b525e3e43]Zorg nu ervoor dat bij enkel bij de onderstaand vermelde regels het vinkje blijft staan. [code:1:9b525e3e43]¤¤¤ Register verwijzingen : 7 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> gevonden [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> gevonden [HJ SECU] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> gevonden [HJ SECU] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> gevonden [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> gevonden [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> gevonden [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden [/code:1:9b525e3e43] [*:9b525e3e43]Klik vervolgens op de knop [b:9b525e3e43]Verwijderen[/b:9b525e3e43] teneinde RogueKiller reparaties en verwijderingen te laten uitvoeren. [*:9b525e3e43]Er zal op het bureaublad een nieuw log worden aangemaakt - RKreport (Mode: Delete) - post hiervan de inhoud in jouw volgende bericht. [*:9b525e3e43][b:9b525e3e43][color=#008000:9b525e3e43]Belangrijk[/color:9b525e3e43][/b:9b525e3e43]: omdat het Windows register bewerkt is, nu de PC eerst opnieuw opstarten.[/list:u:9b525e3e43] Quote Link naar reactie
anoniem Geplaatst: 15 augustus 2013 Auteur Delen Geplaatst: 15 augustus 2013 Done, geen verschil. Logje: [code:1:cd675ea10c]RogueKiller V8.6.5 [Aug 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ besturingssysteem : Windows XP (5.1.2600 Service Pack 3) 32 bits version Gestart vanuit : Normale modus Gebruiker : Rikie [Administrator rechten] Modus : Verwijder -- Datum : 08/15/2013 10:50:48 | ARK || FAK || MBR | ¤¤¤ Kwaadaardige processen : 0 ¤¤¤ ¤¤¤ Register verwijzingen : 7 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> Verwijderd [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> Verwijderd [HJ SECU] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> VERVANGEN (0) [HJ SECU] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> VERVANGEN (0) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> VERVANGEN (1) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> VERVANGEN (1) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> VERVANGEN (0) ¤¤¤ geplande taken : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ webbrowsers : 0 ¤¤¤ ¤¤¤ Speciale Files / Folders: ¤¤¤ ¤¤¤ Driver : [Geladen] ¤¤¤ ¤¤¤ Externe Hives: ¤¤¤ ¤¤¤ Infectie : ¤¤¤ ¤¤¤ HOSTS Bestand: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Controle: ¤¤¤ +++++ PhysicalDrive0: HDS728080PLAT20 +++++ --- User --- [MBR] c34d3e47d21041e057960e0f97f58f5f [BSP] 860f41f9c704aff60a781fa0af1b6f86 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78530 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: HDS728080PLAT20 +++++ --- User --- [MBR] cb32521b5d688e4edaa2a44592b92b6a [BSP] 6d66002a8d6974c383976245bbe2ae3a : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 122879 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 251658225 | Size: 182362 Mo User = LL1 ... OK! Error reading LL2 MBR! Gereed : << RKreport[0]_D_08152013_105048.txt >> RKreport[0]_S_08142013_143932.txt;RKreport[0]_S_08152013_104731.txt [/code:1:cd675ea10c] Quote Link naar reactie
anoniem Geplaatst: 15 augustus 2013 Auteur Delen Geplaatst: 15 augustus 2013 [b:d176eb3a76]Download[/b:d176eb3a76] [img:d176eb3a76]http://www.imgdumper.nl/uploads7/5207507ebb657/5207507eb6836-SecurityCheck_cannednieuw.jpg[/img:d176eb3a76] [url=http://screen317.spywareinfoforum.org/SecurityCheck.exe][b:d176eb3a76]Security Check[/b:d176eb3a76][/url] [b:d176eb3a76]Downloadlokatie[/b:d176eb3a76]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [b:d176eb3a76]TFC opstarten[/b:d176eb3a76]: [list:d176eb3a76][*:d176eb3a76][color=#0000FF:d176eb3a76][b:d176eb3a76]Windows 2000[/b:d176eb3a76][/color:d176eb3a76] en [color=#0000FF:d176eb3a76][b:d176eb3a76]Windows XP[/b:d176eb3a76][/color:d176eb3a76]: dubbelklik op [b:d176eb3a76]TFC.exe[/b:d176eb3a76]. [*:d176eb3a76][color=#0000FF:d176eb3a76][b:d176eb3a76]Windows Vista[/b:d176eb3a76][/color:d176eb3a76], [color=#0000FF:d176eb3a76][b:d176eb3a76]Windows 7[/b:d176eb3a76][/color:d176eb3a76] en [color=#0000FF:d176eb3a76][b:d176eb3a76]Windows 8[/b:d176eb3a76][/color:d176eb3a76] rechtsklik op [b:d176eb3a76]TFC.exe[/b:d176eb3a76] en kies "Als Administrator uitvoeren". [*:d176eb3a76]Let op de instrukties in het zwarte venster. [*:d176eb3a76]Een Kladblok document genaamd [b:d176eb3a76]checkup.txt[/b:d176eb3a76] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad. [*:d176eb3a76]Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:d176eb3a76] Post de inhoud van [b:d176eb3a76]checkup.txt [/b:d176eb3a76]in jouw volgende post. Quote Link naar reactie
anoniem Geplaatst: 15 augustus 2013 Auteur Delen Geplaatst: 15 augustus 2013 Thanks so far, wederom een logje: Results of screen317's Security Check version 0.99.72 Windows XP Service Pack 3 x86 Internet Explorer 8 [b:6c204ed501][u:6c204ed501]``````````````Antivirus/Firewall Check:``````````````[/b:6c204ed501][/u:6c204ed501] [size=1:6c204ed501]WMI entry may not exist for antivirus; attempting automatic update.[/size:6c204ed501] [b:6c204ed501][u:6c204ed501]`````````Anti-malware/Other Utilities Check:`````````[/b:6c204ed501][/u:6c204ed501] Java(TM) 6 Update 26 Java 7 Update 21 [color=red:6c204ed501][b:6c204ed501]Java version out of Date![/b:6c204ed501][/color:6c204ed501] Adobe Flash Player 11.8.800.94 Adobe Reader XI Mozilla Firefox 22.0 [color=red:6c204ed501][b:6c204ed501]Firefox out of Date![/b:6c204ed501][/color:6c204ed501] Google Chrome 28.0.1500.95 [b:6c204ed501][u:6c204ed501]````````Process Check: objlist.exe by Laurent````````[/b:6c204ed501][/u:6c204ed501] [b:6c204ed501][u:6c204ed501]`````````````````System Health check`````````````````[/b:6c204ed501][/u:6c204ed501] Total Fragmentation on Drive C:: [b:6c204ed501][u:6c204ed501]````````````````````End of Log``````````````````````[/b:6c204ed501][/u:6c204ed501] Quote Link naar reactie
anoniem Geplaatst: 15 augustus 2013 Auteur Delen Geplaatst: 15 augustus 2013 Ik heb je antwoord veranderd door de code-tags te verwijderen. Niet meer logs in code-tags plaatsen dus, want dan komen ook alle opmaakcoderingen er in te staan en dat maakt lezen ervan verdraaide lastig. Doe nu eerst het volgende: verwijder [b:2b25e87679]Java 7 Update 21[/b:2b25e87679]. Om Windows veilig te houden altijd de laatste en nieuwste versie van Java gebruiken en ervoor zorgen dat er geen oudere versie aanwezig zijn. Deze bevatten veiligheidslekken waar malware gebruik van maakt! Firefox 23 is uit. Klik op de oranje knop of anders in het menu op Extra, vervolgens op Help en als laatste klik je dan op "Over Firefox". Vermoedelijk zal de "Updateknop" dan al aktief zijn. Volg de verdere instrukties op. En dan een vraag, in Windows heb jij de courante Adobe Flashplayer zitten; heb jij die ook in Firefox apart geïnstalleerd? Want ik vermoed dat Firefox ook jouw favoriet is? Quote Link naar reactie
anoniem Geplaatst: 15 augustus 2013 Auteur Delen Geplaatst: 15 augustus 2013 Zowel Java als FF zouden automagisch moeten updaten, maar nu even handmatig gedaan. Ik ben inderdaad Firefox gebruiker. In Firefox heb ik ook de flashplayer geinstalleerd, 11.8. Vreemd is dat ik die van Adobe installeer, maar er Shockwave Flash in de addon-lijst komt te staan? Zie ook: [url=http://postimg.org/image/5gt1xus45/][img:e49bf21120]http://s18.postimg.org/5gt1xus45/Clipboard01.jpg[/img:e49bf21120][/url] Na een reboot nog steeds 100% CPU voor een paar minuten overigens... Quote Link naar reactie
anoniem Geplaatst: 15 augustus 2013 Auteur Delen Geplaatst: 15 augustus 2013 Dit is het Windows forum en niet Beveiliging. Lees onderstaande goed door: Download [url=http://support.kaspersky.com/downloads/utils/tdsskiller.exe][img:a591f343f7]http://www.imgdumper.nl/uploads7/51e290303993d/51e2903039553-TDSSKiller_Resized.png[/img:a591f343f7][b:a591f343f7][color=#FF0000:a591f343f7] TDSSKiller[/color:a591f343f7][/b:a591f343f7][/url] en plaats het op je bureaublad. [list:a591f343f7] [*:a591f343f7] Voordat je TDSSKiller uitvoert is het raadzaam om de onderstaande handleiding van TDSSKiller te raadplegen. [list:a591f343f7] [*:a591f343f7] [b:a591f343f7][url=http://antimalwaresoftware.nl/handleidingen/handleiding-tdsskiller/][color=#0000FF:a591f343f7]Klik hier voor de handleiding van Kaspersky TDSSKiller[/color:a591f343f7][/url][/b:a591f343f7][/list:u:a591f343f7] [*:a591f343f7] Dubbelklik op [b:a591f343f7]TDSSKiller.exe[/b:a591f343f7] om de tool te starten. ([i:a591f343f7]Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken[/i:a591f343f7]). [*:a591f343f7] [i:a591f343f7]Als er door TDSSkiller een update wordt gevonden klikt u op de knop "[b:a591f343f7]Load update[/b:a591f343f7]"[/i:a591f343f7] [img:a591f343f7]http://www.imgdumper.nl/uploads6/506422ecca8b3/506422ecc81a0-TDSSkiller%28update%29.jpg[/img:a591f343f7] [*:a591f343f7] [i:a591f343f7]Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.[/i:a591f343f7] [*:a591f343f7] [i:a591f343f7]Start nu TDSSkiller opnieuw.[/i:a591f343f7] [*:a591f343f7] Klik op "[b:a591f343f7]Change parameters[/b:a591f343f7]" en zorg dat de onderstaande opties allemaal aangevinkt zijn. [img:a591f343f7]http://www.imgdumper.nl/uploads6/5064230056569/506423005368c-TDSSkiller%28opties%29.jpg[/img:a591f343f7] [*:a591f343f7] Klik op de knop "[b:a591f343f7]Start Scan[/b:a591f343f7]" en volg de instructies. [list:a591f343f7] [*:a591f343f7] Gebruik [color=#FF0000:a591f343f7]nooit[/color:a591f343f7] de "[b:a591f343f7]Delete[/b:a591f343f7]" optie bij een "[b:a591f343f7]Fail signature[/b:a591f343f7]" melding.[/list:u:a591f343f7] [*:a591f343f7] Wanneer de scan klaar is klik je op de knop "[b:a591f343f7]Report[/b:a591f343f7]". [*:a591f343f7] Selecteer de inhoud (log) en plaats deze in uw volgende bericht. [*:a591f343f7] Na de herstart van de computer zal u in de meeste gevallen een leeg bureaublad met een commandprompt-venster en een beveiligingswaarschuwing te zien krijgen met de vraag om een bestand uit te voeren zoals u kunt zien op de onderstaande afbeelding. Sta dit altijd toe door het bestand van Kaspersky te laten uitvoeren, [b:a591f343f7][color=#FF0000:a591f343f7]annuleer dit nooit[/color:a591f343f7][/b:a591f343f7] aangezien TDSSKiller dan niet volledig zijn werk kan doen. [img:a591f343f7]http://www.imgdumper.nl/uploads6/506423d393b7c/506423d38e588-TDSSkiller%28reboot%29.jpg[/img:a591f343f7][/list:u:a591f343f7] [list:a591f343f7] [*:a591f343f7] Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/list:u:a591f343f7] [list:a591f343f7][*:a591f343f7][b:a591f343f7][color=#008000:a591f343f7]Notabene[/color:a591f343f7]: de [color=#0000FF:a591f343f7]unsigned files[/color:a591f343f7] skip je, dat zijn bestanden die door TDSSKiller opgevoerd worden omdat deze geen digitale handtekening bevatten![/b:a591f343f7][/list:u:a591f343f7] Quote Link naar reactie
anoniem Geplaatst: 17 augustus 2013 Auteur Delen Geplaatst: 17 augustus 2013 Uitgevoerd zoals uitgelegd, logje: 15:40:55.0609 1924 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 15:40:55.0875 1924 ============================================================ 15:40:55.0875 1924 Current date / time: 2013/08/17 15:40:55.0875 15:40:55.0875 1924 SystemInfo: 15:40:55.0875 1924 15:40:55.0875 1924 OS Version: 5.1.2600 ServicePack: 3.0 15:40:55.0875 1924 Product type: Workstation 15:40:55.0875 1924 ComputerName: PCBENEDEN 15:40:56.0093 1924 UserName: Rikie 15:40:56.0093 1924 Windows directory: C:\WINDOWS 15:40:56.0093 1924 System windows directory: C:\WINDOWS 15:40:56.0093 1924 Processor architecture: Intel x86 15:40:56.0093 1924 Number of processors: 1 15:40:56.0093 1924 Page size: 0x1000 15:40:56.0093 1924 Boot type: Normal boot 15:40:56.0109 1924 ============================================================ 15:40:56.0671 1924 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058 15:40:56.0671 1924 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x298D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054 15:40:56.0718 1924 ============================================================ 15:40:56.0718 1924 \Device\Harddisk1\DR1: 15:40:56.0718 1924 MBR partitions: 15:40:56.0718 1924 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xEFFFFB2 15:40:56.0718 1924 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xEFFFFF1, BlocksNum 0x1642D6D0 15:40:56.0718 1924 \Device\Harddisk0\DR0: 15:40:56.0718 1924 MBR partitions: 15:40:56.0718 1924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9961791 15:40:56.0718 1924 ============================================================ 15:40:56.0734 1924 C: <-> \Device\Harddisk1\DR1\Partition1 15:40:56.0765 1924 D: <-> \Device\Harddisk0\DR0\Partition1 15:40:56.0796 1924 E: <-> \Device\Harddisk1\DR1\Partition2 15:40:56.0796 1924 ============================================================ 15:40:56.0796 1924 Initialize success 15:40:56.0796 1924 ============================================================ 15:41:01.0890 2492 ============================================================ 15:41:01.0890 2492 Scan started 15:41:01.0890 2492 Mode: Manual; SigCheck; TDLFS; 15:41:01.0890 2492 ============================================================ 15:41:02.0031 2492 ================ Scan system memory ======================== 15:41:02.0031 2492 System memory - ok 15:41:02.0031 2492 ================ Scan services ============================= 15:41:02.0171 2492 Abiosdsk - ok 15:41:02.0187 2492 abp480n5 - ok 15:41:02.0234 2492 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 15:41:03.0109 2492 ACPI - ok 15:41:03.0187 2492 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 15:41:03.0328 2492 ACPIEC - ok 15:41:03.0343 2492 adpu160m - ok 15:41:03.0390 2492 [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys 15:41:03.0421 2492 aeaudio - ok 15:41:03.0453 2492 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 15:41:03.0609 2492 aec - ok 15:41:03.0656 2492 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 15:41:03.0687 2492 AFD - ok 15:41:03.0687 2492 Aha154x - ok 15:41:03.0703 2492 aic78u2 - ok 15:41:03.0734 2492 aic78xx - ok 15:41:03.0765 2492 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll 15:41:03.0921 2492 Alerter - ok 15:41:03.0937 2492 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe 15:41:04.0000 2492 ALG - ok 15:41:04.0015 2492 AliIde - ok 15:41:04.0046 2492 [ E33852324DA1978A10FD569B5A340E9B ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 15:41:04.0078 2492 AmdK8 - ok 15:41:04.0093 2492 amsint - ok 15:41:04.0140 2492 [ 434A70FA278EB3C42140E3755C2FA4F8 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 15:41:04.0203 2492 AppMgmt - ok 15:41:04.0218 2492 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 15:41:04.0375 2492 Arp1394 - ok 15:41:04.0375 2492 asc - ok 15:41:04.0390 2492 asc3350p - ok 15:41:04.0406 2492 asc3550 - ok 15:41:04.0546 2492 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 15:41:04.0578 2492 aspnet_state - ok 15:41:04.0578 2492 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 15:41:04.0750 2492 AsyncMac - ok 15:41:04.0796 2492 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 15:41:04.0984 2492 atapi - ok 15:41:05.0000 2492 Atdisk - ok 15:41:05.0078 2492 [ 471087B5E1E01CC82604E81EA14781D8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 15:41:05.0109 2492 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning 15:41:05.0109 2492 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1) 15:41:05.0171 2492 [ B979BA0120B6DB757196A8E2E873FE3C ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe 15:41:05.0203 2492 ATI Smart ( UnsignedFile.Multi.Generic ) - warning 15:41:05.0203 2492 ATI Smart - detected UnsignedFile.Multi.Generic (1) 15:41:05.0343 2492 [ C0B86ECB324E50F6BBD529F9D5C6B24B ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 15:41:05.0484 2492 ati2mtag ( UnsignedFile.Multi.Generic ) - warning 15:41:05.0484 2492 ati2mtag - detected UnsignedFile.Multi.Generic (1) 15:41:05.0546 2492 [ 0E4BB35C5305099AC82053AC992E3E0E ] ATITool C:\WINDOWS\system32\DRIVERS\ATITool.sys 15:41:05.0562 2492 ATITool ( UnsignedFile.Multi.Generic ) - warning 15:41:05.0562 2492 ATITool - detected UnsignedFile.Multi.Generic (1) 15:41:05.0578 2492 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 15:41:05.0750 2492 Atmarpc - ok 15:41:05.0781 2492 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 15:41:05.0968 2492 AudioSrv - ok 15:41:06.0046 2492 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 15:41:06.0218 2492 audstub - ok 15:41:06.0296 2492 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 15:41:06.0484 2492 Beep - ok 15:41:06.0531 2492 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll 15:41:06.0734 2492 BITS - ok 15:41:06.0765 2492 [ D3FACB34FFF5DB91ADB70987838F8BA7 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe 15:41:06.0796 2492 Brother XP spl Service - ok 15:41:06.0828 2492 [ 69EAA7501F53A40E8C04C69F2391224F ] Browser C:\WINDOWS\System32\browser.dll 15:41:07.0015 2492 Browser - ok 15:41:07.0062 2492 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\Drivers\BrScnUsb.sys 15:41:07.0078 2492 BrScnUsb - ok 15:41:07.0093 2492 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 15:41:07.0296 2492 cbidf2k - ok 15:41:07.0312 2492 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 15:41:07.0500 2492 CCDECODE - ok 15:41:07.0515 2492 cd20xrnt - ok 15:41:07.0531 2492 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 15:41:07.0734 2492 Cdaudio - ok 15:41:07.0781 2492 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 15:41:07.0953 2492 Cdfs - ok 15:41:07.0968 2492 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 15:41:08.0156 2492 Cdrom - ok 15:41:08.0171 2492 Changer - ok 15:41:08.0203 2492 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe 15:41:08.0406 2492 CiSvc - ok 15:41:08.0406 2492 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 15:41:08.0593 2492 ClipSrv - ok 15:41:08.0671 2492 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:41:08.0703 2492 clr_optimization_v2.0.50727_32 - ok 15:41:08.0750 2492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:41:08.0796 2492 clr_optimization_v4.0.30319_32 - ok 15:41:08.0812 2492 CmdIde - ok 15:41:08.0828 2492 COMSysApp - ok 15:41:08.0859 2492 Cpqarray - ok 15:41:08.0890 2492 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 15:41:09.0078 2492 CryptSvc - ok 15:41:09.0093 2492 dac2w2k - ok 15:41:09.0109 2492 dac960nt - ok 15:41:09.0187 2492 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 15:41:09.0250 2492 DcomLaunch - ok 15:41:09.0281 2492 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 15:41:09.0453 2492 Dhcp - ok 15:41:09.0468 2492 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 15:41:09.0656 2492 Disk - ok 15:41:09.0671 2492 dmadmin - ok 15:41:09.0703 2492 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 15:41:09.0906 2492 dmboot - ok 15:41:09.0921 2492 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys 15:41:10.0109 2492 dmio - ok 15:41:10.0171 2492 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 15:41:10.0343 2492 dmload - ok 15:41:10.0359 2492 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll 15:41:10.0546 2492 dmserver - ok 15:41:10.0625 2492 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 15:41:10.0796 2492 DMusic - ok 15:41:10.0875 2492 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 15:41:10.0906 2492 Dnscache - ok 15:41:10.0937 2492 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 15:41:11.0109 2492 Dot3svc - ok 15:41:11.0125 2492 dpti2o - ok 15:41:11.0140 2492 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 15:41:11.0328 2492 drmkaud - ok 15:41:11.0359 2492 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll 15:41:11.0546 2492 EapHost - ok 15:41:11.0562 2492 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll 15:41:11.0734 2492 ERSvc - ok 15:41:11.0765 2492 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe 15:41:11.0781 2492 Eventlog - ok 15:41:11.0828 2492 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll 15:41:11.0875 2492 EventSystem - ok 15:41:11.0906 2492 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 15:41:12.0093 2492 Fastfat - ok 15:41:12.0125 2492 [ CFB406497D9CF95DFFE17594899FD367 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 15:41:12.0296 2492 FastUserSwitchingCompatibility - ok 15:41:12.0328 2492 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 15:41:12.0500 2492 Fdc - ok 15:41:12.0531 2492 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 15:41:12.0703 2492 Fips - ok 15:41:12.0734 2492 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 15:41:12.0906 2492 Flpydisk - ok 15:41:12.0968 2492 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys 15:41:13.0140 2492 FltMgr - ok 15:41:13.0203 2492 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 15:41:13.0218 2492 FontCache3.0.0.0 - ok 15:41:13.0250 2492 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:41:13.0406 2492 Fs_Rec - ok 15:41:13.0421 2492 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:41:13.0625 2492 Ftdisk - ok 15:41:13.0671 2492 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys 15:41:13.0859 2492 gagp30kx - ok 15:41:13.0906 2492 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:41:14.0062 2492 Gpc - ok 15:41:14.0171 2492 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 15:41:14.0187 2492 gupdate - ok 15:41:14.0203 2492 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 15:41:14.0218 2492 gupdatem - ok 15:41:14.0281 2492 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 15:41:14.0453 2492 helpsvc - ok 15:41:14.0546 2492 [ 10003105AAB8D5A7DB51A9CB3D9F55A3 ] HidServ C:\WINDOWS\System32\hidserv.dll 15:41:14.0718 2492 HidServ - ok 15:41:14.0781 2492 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 15:41:14.0968 2492 hidusb - ok 15:41:15.0000 2492 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 15:41:15.0171 2492 hkmsvc - ok 15:41:15.0203 2492 hpn - ok 15:41:15.0296 2492 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys 15:41:15.0328 2492 HTCAND32 - ok 15:41:15.0359 2492 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys 15:41:15.0390 2492 htcnprot - ok 15:41:15.0437 2492 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 15:41:15.0625 2492 HTTP - ok 15:41:15.0656 2492 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 15:41:15.0812 2492 HTTPFilter - ok 15:41:15.0828 2492 i2omgmt - ok 15:41:15.0843 2492 i2omp - ok 15:41:15.0875 2492 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:41:16.0062 2492 i8042prt - ok 15:41:16.0109 2492 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:41:16.0171 2492 idsvc - ok 15:41:16.0203 2492 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 15:41:16.0375 2492 Imapi - ok 15:41:16.0390 2492 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe 15:41:16.0562 2492 ImapiService - ok 15:41:16.0578 2492 ini910u - ok 15:41:16.0609 2492 IntelIde - ok 15:41:16.0625 2492 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 15:41:16.0796 2492 Ip6Fw - ok 15:41:16.0843 2492 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:41:17.0015 2492 IpFilterDriver - ok 15:41:17.0031 2492 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:41:17.0218 2492 IpInIp - ok 15:41:17.0250 2492 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:41:17.0421 2492 IpNat - ok 15:41:17.0437 2492 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:41:17.0609 2492 IPSec - ok 15:41:17.0687 2492 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 15:41:17.0750 2492 IRENUM - ok 15:41:17.0796 2492 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:41:17.0968 2492 isapnp - ok 15:41:17.0984 2492 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:41:18.0140 2492 Kbdclass - ok 15:41:18.0156 2492 [ B833B70FE639F01FB36CEDABE57EF031 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 15:41:18.0312 2492 kbdhid - ok 15:41:18.0359 2492 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 15:41:18.0546 2492 kmixer - ok 15:41:18.0562 2492 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 15:41:18.0750 2492 KSecDD - ok 15:41:18.0812 2492 [ 0F01B503DA9BFFE16D7BC2179A6C68ED ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 15:41:18.0984 2492 LanmanServer - ok 15:41:19.0062 2492 [ A936A575EAF6DCE8DC08BC0C53972ADD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 15:41:19.0109 2492 lanmanworkstation - ok 15:41:19.0109 2492 lbrtfdc - ok 15:41:19.0171 2492 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 15:41:19.0187 2492 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 15:41:19.0187 2492 LightScribeService - detected UnsignedFile.Multi.Generic (1) 15:41:19.0218 2492 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 15:41:19.0375 2492 LmHosts - ok 15:41:19.0453 2492 [ DABCB3AD9B60BFDA876CB4F6081E822F ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe 15:41:19.0484 2492 LMIGuardianSvc - ok 15:41:19.0515 2492 [ 26E3BEC8F2F0CFAF9FFE4C7AEF1BC049 ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys 15:41:19.0546 2492 LMIInfo - ok 15:41:19.0593 2492 [ AB73A7C8594ABE0A7418626F0E742F40 ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe 15:41:19.0609 2492 LMIMaint - ok 15:41:19.0625 2492 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys 15:41:19.0640 2492 lmimirr - ok 15:41:19.0656 2492 LMIRfsClientNP - ok 15:41:19.0687 2492 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys 15:41:19.0703 2492 LMIRfsDriver - ok 15:41:19.0734 2492 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe 15:41:19.0750 2492 LogMeIn - ok 15:41:19.0812 2492 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys 15:41:19.0843 2492 LVRS - ok 15:41:19.0859 2492 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll 15:41:20.0031 2492 Messenger - ok 15:41:20.0125 2492 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 15:41:20.0296 2492 mnmdd - ok 15:41:20.0375 2492 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 15:41:20.0546 2492 mnmsrvc - ok 15:41:20.0562 2492 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys 15:41:20.0734 2492 Modem - ok 15:41:20.0781 2492 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:41:20.0953 2492 Mouclass - ok 15:41:21.0031 2492 [ 18017899254E01371E1A39754D6BF98C ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 15:41:21.0171 2492 mouhid - ok 15:41:21.0187 2492 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 15:41:21.0375 2492 MountMgr - ok 15:41:21.0421 2492 [ 7E9DB3CD9D7F7A0320B09990818D1BFD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 15:41:21.0437 2492 MozillaMaintenance - ok 15:41:21.0453 2492 mraid35x - ok 15:41:21.0468 2492 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:41:21.0656 2492 MRxDAV - ok 15:41:21.0750 2492 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:41:21.0812 2492 MRxSmb - ok 15:41:21.0843 2492 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe 15:41:22.0015 2492 MSDTC - ok 15:41:22.0031 2492 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 15:41:22.0187 2492 Msfs - ok 15:41:22.0203 2492 MSIServer - ok 15:41:22.0234 2492 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:41:22.0390 2492 MSKSSRV - ok 15:41:22.0468 2492 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:41:22.0640 2492 MSPCLOCK - ok 15:41:22.0656 2492 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 15:41:22.0812 2492 MSPQM - ok 15:41:22.0812 2492 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:41:22.0968 2492 mssmbios - ok 15:41:23.0031 2492 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 15:41:23.0171 2492 MSTEE - ok 15:41:23.0218 2492 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 15:41:23.0250 2492 Mup - ok 15:41:23.0265 2492 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 15:41:23.0406 2492 NABTSFEC - ok 15:41:23.0453 2492 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll 15:41:23.0609 2492 napagent - ok 15:41:23.0625 2492 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 15:41:23.0781 2492 NDIS - ok 15:41:23.0812 2492 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 15:41:23.0953 2492 NdisIP - ok 15:41:23.0984 2492 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:41:24.0000 2492 NdisTapi - ok 15:41:24.0046 2492 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:41:24.0187 2492 Ndisuio - ok 15:41:24.0218 2492 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:41:24.0359 2492 NdisWan - ok 15:41:24.0375 2492 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 15:41:24.0421 2492 NDProxy - ok 15:41:24.0500 2492 [ 27FE4B70C12A2C67A58D799B9A4E8D81 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe 15:41:24.0562 2492 Nero BackItUp Scheduler 4.0 - ok 15:41:24.0578 2492 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 15:41:24.0734 2492 NetBIOS - ok 15:41:24.0796 2492 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 15:41:24.0937 2492 NetBT - ok 15:41:24.0968 2492 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe 15:41:25.0125 2492 NetDDE - ok 15:41:25.0125 2492 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 15:41:25.0281 2492 NetDDEdsdm - ok 15:41:25.0312 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe 15:41:25.0437 2492 Netlogon - ok 15:41:25.0484 2492 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll 15:41:25.0609 2492 Netman - ok 15:41:25.0671 2492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:41:25.0687 2492 NetTcpPortSharing - ok 15:41:25.0718 2492 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 15:41:25.0859 2492 NIC1394 - ok 15:41:25.0906 2492 [ 4522CBE00A9E9EEE36AA82ED4B319148 ] Nla C:\WINDOWS\System32\mswsock.dll 15:41:25.0921 2492 Nla - ok 15:41:25.0937 2492 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 15:41:26.0093 2492 Npfs - ok 15:41:26.0140 2492 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 15:41:26.0296 2492 Ntfs - ok 15:41:26.0312 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 15:41:26.0453 2492 NtLmSsp - ok 15:41:26.0500 2492 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 15:41:26.0656 2492 NtmsSvc - ok 15:41:26.0734 2492 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 15:41:26.0875 2492 Null - ok 15:41:26.0906 2492 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:41:27.0031 2492 NwlnkFlt - ok 15:41:27.0078 2492 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:41:27.0203 2492 NwlnkFwd - ok 15:41:27.0218 2492 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 15:41:27.0359 2492 ohci1394 - ok 15:41:27.0421 2492 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:41:27.0437 2492 ose - ok 15:41:27.0468 2492 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 15:41:27.0609 2492 Parport - ok 15:41:27.0625 2492 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 15:41:27.0765 2492 PartMgr - ok 15:41:27.0781 2492 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 15:41:27.0921 2492 ParVdm - ok 15:41:27.0968 2492 [ 5F731DD45D3B176C071E4CCEEB87B06B ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 15:41:27.0968 2492 PassThru Service ( UnsignedFile.Multi.Generic ) - warning 15:41:27.0968 2492 PassThru Service - detected UnsignedFile.Multi.Generic (1) 15:41:28.0000 2492 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 15:41:28.0125 2492 PCI - ok 15:41:28.0140 2492 PCIDump - ok 15:41:28.0156 2492 PCIIde - ok 15:41:28.0187 2492 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 15:41:28.0328 2492 Pcmcia - ok 15:41:28.0343 2492 PDCOMP - ok 15:41:28.0359 2492 PDFRAME - ok 15:41:28.0375 2492 PDRELI - ok 15:41:28.0390 2492 PDRFRAME - ok 15:41:28.0484 2492 [ B20F958B207E6AAAC5F70D04DD2C30D8 ] pepifilter C:\WINDOWS\system32\DRIVERS\lv302af.sys 15:41:28.0500 2492 pepifilter - ok 15:41:28.0515 2492 perc2 - ok 15:41:28.0531 2492 perc2hib - ok 15:41:28.0671 2492 [ DD184D9ADFE2A8A21741DBDFE9E22F5C ] PID_PEPI C:\WINDOWS\system32\DRIVERS\LV302V32.SYS 15:41:28.0781 2492 PID_PEPI - ok 15:41:28.0812 2492 [ 657B69389B893F440B07590C9E963F23 ] PlugPlay C:\WINDOWS\system32\services.exe 15:41:28.0828 2492 PlugPlay - ok 15:41:28.0843 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 15:41:28.0984 2492 PolicyAgent - ok 15:41:29.0062 2492 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:41:29.0187 2492 PptpMiniport - ok 15:41:29.0203 2492 [ 82A17ECA34D801590A67C0A2244965ED ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 15:41:29.0343 2492 Processor - ok 15:41:29.0343 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 15:41:29.0484 2492 ProtectedStorage - ok 15:41:29.0500 2492 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 15:41:29.0625 2492 PSched - ok 15:41:29.0640 2492 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 15:41:29.0781 2492 Ptilink - ok 15:41:29.0781 2492 ql1080 - ok 15:41:29.0812 2492 Ql10wnt - ok 15:41:29.0828 2492 ql12160 - ok 15:41:29.0843 2492 ql1240 - ok 15:41:29.0859 2492 ql1280 - ok 15:41:29.0921 2492 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:41:30.0031 2492 RasAcd - ok 15:41:30.0062 2492 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll 15:41:30.0203 2492 RasAuto - ok 15:41:30.0234 2492 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:41:30.0359 2492 Rasl2tp - ok 15:41:30.0390 2492 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll 15:41:30.0531 2492 RasMan - ok 15:41:30.0546 2492 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:41:30.0687 2492 RasPppoe - ok 15:41:30.0703 2492 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 15:41:30.0828 2492 Raspti - ok 15:41:30.0859 2492 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:41:30.0984 2492 Rdbss - ok 15:41:31.0000 2492 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:41:31.0125 2492 RDPCDD - ok 15:41:31.0171 2492 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 15:41:31.0312 2492 rdpdr - ok 15:41:31.0343 2492 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 15:41:31.0390 2492 RDPWD - ok 15:41:31.0421 2492 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 15:41:31.0546 2492 RDSessMgr - ok 15:41:31.0609 2492 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 15:41:31.0734 2492 redbook - ok 15:41:31.0765 2492 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 15:41:31.0875 2492 RemoteAccess - ok 15:41:31.0921 2492 [ 2FD5B89BF9289C774C5C730DEA96CD91 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 15:41:32.0046 2492 RemoteRegistry - ok 15:41:32.0078 2492 [ BE078F8F7EC2491EFDD79A53353A060F ] RpcLocator C:\WINDOWS\system32\locator.exe 15:41:32.0187 2492 RpcLocator - ok 15:41:32.0234 2492 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] RpcSs C:\WINDOWS\system32\rpcss.dll 15:41:32.0265 2492 RpcSs - ok 15:41:32.0296 2492 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe 15:41:32.0421 2492 RSVP - ok 15:41:32.0453 2492 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe 15:41:32.0578 2492 SamSs - ok 15:41:32.0593 2492 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 15:41:32.0718 2492 SCardSvr - ok 15:41:32.0781 2492 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll 15:41:32.0921 2492 Schedule - ok 15:41:32.0937 2492 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:41:33.0000 2492 Secdrv - ok 15:41:33.0031 2492 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll 15:41:33.0156 2492 seclogon - ok 15:41:33.0234 2492 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll 15:41:33.0375 2492 SENS - ok 15:41:33.0406 2492 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 15:41:33.0531 2492 serenum - ok 15:41:33.0546 2492 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 15:41:33.0671 2492 Serial - ok 15:41:33.0734 2492 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 15:41:33.0859 2492 Sfloppy - ok 15:41:33.0906 2492 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 15:41:34.0031 2492 SharedAccess - ok 15:41:34.0062 2492 [ CFB406497D9CF95DFFE17594899FD367 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 15:41:34.0187 2492 ShellHWDetection - ok 15:41:34.0203 2492 Simbad - ok 15:41:34.0296 2492 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 15:41:34.0312 2492 SkypeUpdate - ok 15:41:34.0343 2492 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 15:41:34.0468 2492 SLIP - ok 15:41:34.0562 2492 [ 1D381A07361E4D6A8BE95026B3EBA47A ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys 15:41:34.0593 2492 smwdm - ok 15:41:34.0640 2492 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 15:41:34.0640 2492 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning 15:41:34.0640 2492 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1) 15:41:34.0671 2492 Sparrow - ok 15:41:34.0687 2492 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 15:41:34.0812 2492 splitter - ok 15:41:34.0843 2492 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 15:41:34.0859 2492 Spooler - ok 15:41:34.0906 2492 [ 4F576E516CC76EC50A244586BCFA1C78 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys 15:41:34.0906 2492 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 4F576E516CC76EC50A244586BCFA1C78 15:41:34.0921 2492 sptd ( LockedFile.Multi.Generic ) - warning 15:41:34.0921 2492 sptd - detected LockedFile.Multi.Generic (1) 15:41:34.0953 2492 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 15:41:35.0015 2492 sr - ok 15:41:35.0046 2492 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll 15:41:35.0125 2492 srservice - ok 15:41:35.0156 2492 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 15:41:35.0187 2492 Srv - ok 15:41:35.0234 2492 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 15:41:35.0296 2492 SSDPSRV - ok 15:41:35.0343 2492 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll 15:41:35.0500 2492 stisvc - ok 15:41:35.0531 2492 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 15:41:35.0640 2492 streamip - ok 15:41:35.0671 2492 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 15:41:35.0796 2492 swenum - ok 15:41:35.0812 2492 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 15:41:35.0953 2492 swmidi - ok 15:41:35.0968 2492 SwPrv - ok 15:41:35.0984 2492 symc810 - ok 15:41:36.0000 2492 symc8xx - ok 15:41:36.0015 2492 sym_hi - ok 15:41:36.0031 2492 sym_u3 - ok 15:41:36.0062 2492 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 15:41:36.0187 2492 sysaudio - ok 15:41:36.0218 2492 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 15:41:36.0359 2492 SysmonLog - ok 15:41:36.0390 2492 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 15:41:36.0515 2492 TapiSrv - ok 15:41:36.0625 2492 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:41:36.0640 2492 Tcpip - ok 15:41:36.0687 2492 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 15:41:36.0812 2492 TDPIPE - ok 15:41:36.0843 2492 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 15:41:36.0953 2492 TDTCP - ok 15:41:36.0968 2492 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 15:41:37.0093 2492 TermDD - ok 15:41:37.0156 2492 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll 15:41:37.0296 2492 TermService - ok 15:41:37.0328 2492 [ CFB406497D9CF95DFFE17594899FD367 ] Themes C:\WINDOWS\System32\shsvcs.dll 15:41:37.0453 2492 Themes - ok 15:41:37.0484 2492 [ 78A2FE13662A119875F10E9FFCB49A8F ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 15:41:37.0562 2492 TlntSvr - ok 15:41:37.0578 2492 TosIde - ok 15:41:37.0593 2492 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll 15:41:37.0718 2492 TrkWks - ok 15:41:37.0750 2492 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 15:41:37.0890 2492 Udfs - ok 15:41:37.0921 2492 [ B37C465EC8029D732CD572B347DACC2E ] UlSata C:\WINDOWS\system32\DRIVERS\ulsata.sys 15:41:37.0937 2492 UlSata ( UnsignedFile.Multi.Generic ) - warning 15:41:37.0937 2492 UlSata - detected UnsignedFile.Multi.Generic (1) 15:41:37.0953 2492 ultra - ok 15:41:37.0984 2492 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 15:41:38.0125 2492 Update - ok 15:41:38.0156 2492 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll 15:41:38.0218 2492 upnphost - ok 15:41:38.0234 2492 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe 15:41:38.0375 2492 UPS - ok 15:41:38.0406 2492 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 15:41:38.0515 2492 usbaudio - ok 15:41:38.0593 2492 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:41:38.0718 2492 usbccgp - ok 15:41:38.0750 2492 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:41:38.0875 2492 usbehci - ok 15:41:38.0890 2492 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:41:39.0015 2492 usbhub - ok 15:41:39.0093 2492 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 15:41:39.0203 2492 usbprint - ok 15:41:39.0234 2492 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:41:39.0343 2492 usbscan - ok 15:41:39.0390 2492 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:41:39.0500 2492 USBSTOR - ok 15:41:39.0531 2492 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 15:41:39.0656 2492 usbuhci - ok 15:41:39.0718 2492 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 15:41:39.0843 2492 usbvideo - ok 15:41:39.0859 2492 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 15:41:39.0984 2492 VgaSave - ok 15:41:40.0000 2492 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys 15:41:40.0046 2492 viaagp1 - ok 15:41:40.0046 2492 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 15:41:40.0187 2492 ViaIde - ok 15:41:40.0203 2492 [ EBE101C01D80A42868F57B327BE1B564 ] viasraid C:\WINDOWS\system32\DRIVERS\viasraid.sys 15:41:40.0234 2492 viasraid - ok 15:41:40.0250 2492 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 15:41:40.0375 2492 VolSnap - ok 15:41:40.0406 2492 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe 15:41:40.0484 2492 VSS - ok 15:41:40.0500 2492 [ C9A8BA443F809B70BCCCCD60CC73FA5C ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys 15:41:40.0500 2492 vulfnths ( UnsignedFile.Multi.Generic ) - warning 15:41:40.0500 2492 vulfnths - detected UnsignedFile.Multi.Generic (1) 15:41:40.0515 2492 [ 2D8C55889616F7767E9FB8ADEE37A02A ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys 15:41:40.0531 2492 vulfntrs ( UnsignedFile.Multi.Generic ) - warning 15:41:40.0531 2492 vulfntrs - detected UnsignedFile.Multi.Generic (1) 15:41:40.0562 2492 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll 15:41:40.0687 2492 W32Time - ok 15:41:40.0734 2492 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:41:40.0843 2492 Wanarp - ok 15:41:40.0921 2492 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 15:41:40.0968 2492 Wdf01000 - ok 15:41:40.0968 2492 WDICA - ok 15:41:41.0015 2492 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 15:41:41.0125 2492 wdmaud - ok 15:41:41.0156 2492 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll 15:41:41.0281 2492 WebClient - ok 15:41:41.0406 2492 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 15:41:41.0531 2492 winmgmt - ok 15:41:41.0578 2492 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 15:41:41.0640 2492 WmdmPmSN - ok 15:41:41.0687 2492 [ 93F8EB8C7CD4E325EC92EDBFC545103D ] Wmi C:\WINDOWS\System32\advapi32.dll 15:41:41.0750 2492 Wmi - ok 15:41:41.0796 2492 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 15:41:41.0921 2492 WmiApSrv - ok 15:41:41.0984 2492 [ E3F091C0F8FCF97CCD86FB6C1BEEF185 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 15:41:42.0062 2492 WMPNetworkSvc - ok 15:41:42.0078 2492 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 15:41:42.0109 2492 WpdUsb - ok 15:41:42.0171 2492 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 15:41:42.0203 2492 WPFFontCache_v0400 - ok 15:41:42.0250 2492 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll 15:41:42.0375 2492 wscsvc - ok 15:41:42.0406 2492 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 15:41:42.0531 2492 WSTCODEC - ok 15:41:42.0609 2492 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 15:41:42.0718 2492 wuauserv - ok 15:41:42.0765 2492 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:41:42.0796 2492 WudfPf - ok 15:41:42.0812 2492 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:41:42.0828 2492 WudfRd - ok 15:41:42.0859 2492 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 15:41:42.0890 2492 WudfSvc - ok 15:41:42.0921 2492 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 15:41:43.0062 2492 WZCSVC - ok 15:41:43.0093 2492 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 15:41:43.0218 2492 xmlprov - ok 15:41:43.0265 2492 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 15:41:43.0312 2492 yukonwxp - ok 15:41:43.0328 2492 ================ Scan global =============================== 15:41:43.0375 2492 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll 15:41:43.0406 2492 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll 15:41:43.0437 2492 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll 15:41:43.0468 2492 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe 15:41:43.0468 2492 [Global] - ok 15:41:43.0484 2492 ================ Scan MBR ================================== 15:41:43.0500 2492 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk1\DR1 15:41:43.0656 2492 \Device\Harddisk1\DR1 - ok 15:41:43.0671 2492 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0 15:41:44.0171 2492 \Device\Harddisk0\DR0 - ok 15:41:44.0187 2492 ================ Scan VBR ================================== 15:41:44.0187 2492 [ 03BD67799F6930102A3A21699A9B760A ] \Device\Harddisk1\DR1\Partition1 15:41:44.0203 2492 \Device\Harddisk1\DR1\Partition1 - ok 15:41:44.0234 2492 [ C6DA24CD42B0DC84BC1B5AAEF8A5E418 ] \Device\Harddisk1\DR1\Partition2 15:41:44.0234 2492 \Device\Harddisk1\DR1\Partition2 - ok 15:41:44.0250 2492 [ DA112F7A5EFEB6B6C31202ED630A7FDA ] \Device\Harddisk0\DR0\Partition1 15:41:44.0250 2492 \Device\Harddisk0\DR0\Partition1 - ok 15:41:44.0265 2492 ============================================================ 15:41:44.0265 2492 Scan finished 15:41:44.0265 2492 ============================================================ 15:41:44.0390 3168 Detected object count: 11 15:41:44.0390 3168 Actual detected object count: 11 15:42:50.0953 3168 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:50.0953 3168 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:50.0953 3168 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:50.0953 3168 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:50.0953 3168 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:50.0953 3168 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:50.0953 3168 ATITool ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:50.0953 3168 ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:50.0968 3168 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:50.0968 3168 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:50.0968 3168 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:50.0968 3168 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:50.0968 3168 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:50.0968 3168 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:51.0031 3168 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine 15:42:51.0031 3168 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine 15:42:51.0046 3168 UlSata ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:51.0046 3168 UlSata ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:51.0046 3168 vulfnths ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:51.0046 3168 vulfnths ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:42:51.0062 3168 vulfntrs ( UnsignedFile.Multi.Generic ) - skipped by user 15:42:51.0062 3168 vulfntrs ( UnsignedFile.Multi.Generic ) - User select action: Skip Quote Link naar reactie
anoniem Geplaatst: 17 augustus 2013 Auteur Delen Geplaatst: 17 augustus 2013 Dat heb je prima gedaan en er gelukkig dus geen rootkit in de MBR van de HD. [b:67b9b68f49]Doe de [url=http://www.eset.com/home/products/online-scanner/][img:67b9b68f49]http://www.imgdumper.nl/uploads7/51e818553fadd/51e818553f6fd-EsetCanned.png[/img:67b9b68f49][color=#FF0000:67b9b68f49] ESET online scan (Klik).[/color:67b9b68f49][/url][/b:67b9b68f49] [list:67b9b68f49] [*:67b9b68f49]Klik op de blauwe knop [b:67b9b68f49]Run ESET Online Scanner[/b:67b9b68f49] [*:67b9b68f49]Zet een vinkje bij [b:67b9b68f49]YES, I accept the Terms of Use[/b:67b9b68f49] [*:67b9b68f49]Klik op [b:67b9b68f49]Start[/b:67b9b68f49] [*:67b9b68f49]Sta het [b:67b9b68f49]ActiveX control[/b:67b9b68f49] toe om te installeren. [*:67b9b68f49]Zet een vinkje bij de volgende opties: [list:67b9b68f49][*:67b9b68f49][b:67b9b68f49][i:67b9b68f49]Remove found threats[/i:67b9b68f49][/b:67b9b68f49] [*:67b9b68f49][b:67b9b68f49][i:67b9b68f49]Scan archives[/i:67b9b68f49][/b:67b9b68f49][/list:u:67b9b68f49] [*:67b9b68f49]Klik vervolgens op [b:67b9b68f49]Advanced Settings[/b:67b9b68f49] [list:67b9b68f49][*:67b9b68f49][b:67b9b68f49][i:67b9b68f49]Scan for potentially unwanted applications[/i:67b9b68f49][/b:67b9b68f49] [*:67b9b68f49][b:67b9b68f49][i:67b9b68f49]Scan for potentially unsafe applications[/i:67b9b68f49][/b:67b9b68f49] [*:67b9b68f49][b:67b9b68f49][i:67b9b68f49]Enable Anti-Stealth technology[/i:67b9b68f49][/b:67b9b68f49][/list:u:67b9b68f49] [*:67b9b68f49]Klik op [b:67b9b68f49]Start[/b:67b9b68f49][/list:u:67b9b68f49] [list:67b9b68f49][*:67b9b68f49]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld. [*:67b9b68f49]is de scan klaar, daarna mag jij het venster sluiten omdat de scan klaar is. [*:67b9b68f49]Ga vervolgens naar [b:67b9b68f49]C:\Program Files\ESET\ESET Online Scanner[/b:67b9b68f49] (Windows 64-bit: [b:67b9b68f49]C:\Program Files (x86)\ESET\ESET Online Scanner[/b:67b9b68f49]) en klik daar op [b:67b9b68f49]log.txt[/b:67b9b68f49] [*:67b9b68f49]Selekteer, kopieer en plak dan de inhoud van dit log in je volgende bericht. [*:67b9b68f49][b:67b9b68f49][color=#008000:67b9b68f49]Notabene:[/color:67b9b68f49][color=#0000FF:67b9b68f49] deaktiveer tijdelijk de eigen antivirus tijdens de scan, dan is de onlinescan sneller![/color:67b9b68f49][/b:67b9b68f49][/list:u:67b9b68f49] Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, [b:67b9b68f49]esetsmartinstaller_enu.exe[/b:67b9b68f49]. De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven. Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan. Quote Link naar reactie
anoniem Geplaatst: 22 augustus 2013 Auteur Delen Geplaatst: 22 augustus 2013 Een aantal dagen ziek geweest en dus niets kunnen doen... Maar nu weer (iets beter)! Logje: ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=1c66fcae4037bd44895c58c83f33470f # engine=14860 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-22 10:00:59 # local_time=2013-08-22 12:00:59 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # scanned=49926 # found=0 # cleaned=0 # scan_time=3231 Quote Link naar reactie
anoniem Geplaatst: 23 augustus 2013 Auteur Delen Geplaatst: 23 augustus 2013 Mooi resultaat. Wat betreft die hondert procent CPU, dat is mogelijk dus niet malware gerelateerd maar door een programma dan wel services daarvan. [b:3bf424c6fe]Download[/b:3bf424c6fe] [img:3bf424c6fe]http://www.imgdumper.nl/uploads7/51f51523a2765/51f51523a23a0-OTL_Canned_Nieuw.png[/img:3bf424c6fe] [url=http://oldtimer.geekstogo.com/OTL.exe][b:3bf424c6fe]OTL.exe[/b:3bf424c6fe][/url] [b:3bf424c6fe]Downloadlokatie[/b:3bf424c6fe]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [b:3bf424c6fe]Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters![/b:3bf424c6fe] [b:3bf424c6fe]OTL.exe gebruiken[/b:3bf424c6fe]: [b:3bf424c6fe]Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters![/b:3bf424c6fe] [list:3bf424c6fe][*:3bf424c6fe][b:3bf424c6fe][color=#0000FF:3bf424c6fe]Windows 2000[/color:3bf424c6fe][/b:3bf424c6fe] en [color=#0000FF:3bf424c6fe][b:3bf424c6fe]Windows XP[/b:3bf424c6fe][/color:3bf424c6fe]: dubbelklik op [b:3bf424c6fe]OTL.exe[/b:3bf424c6fe]. [*:3bf424c6fe][color=#0000FF:3bf424c6fe][b:3bf424c6fe]Windows Vista[/b:3bf424c6fe][/color:3bf424c6fe], [color=#0000FF:3bf424c6fe][b:3bf424c6fe]Windows 7[/b:3bf424c6fe][/color:3bf424c6fe] en [color=#0000FF:3bf424c6fe][b:3bf424c6fe]Windows 8[/b:3bf424c6fe][/color:3bf424c6fe]: via rechtsklik op [b:3bf424c6fe]OTL.exe[/b:3bf424c6fe] en kies voor "Als Administrator uitvoeren".[/list:u:3bf424c6fe] [list:3bf424c6fe][*:3bf424c6fe]Zet een vinkje bij [b:3bf424c6fe]Scan All Users[/b:3bf424c6fe], [b:3bf424c6fe]LOP Check[/b:3bf424c6fe] en bij [b:3bf424c6fe]PURITY Check[/b:3bf424c6fe]. [*:3bf424c6fe]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:3bf424c6fe]Klik vervolgens op de knop [img:3bf424c6fe]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:3bf424c6fe]. [*:3bf424c6fe]De scan zal niet heel erg lang duren. [list:3bf424c6fe][*:3bf424c6fe]Er zal nu enkel één Kladblok-venster geopend worden wanneer de scan klaar is: [b:3bf424c6fe]OTL.Txt[/b:3bf424c6fe]. [*:3bf424c6fe][b:3bf424c6fe]Extras.txt[/b:3bf424c6fe] wordt nu niet meer aangemaakt. [*:3bf424c6fe]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:3bf424c6fe][/list:u:3bf424c6fe] [b:3bf424c6fe][color=#008000:3bf424c6fe]Notabene:[/color:3bf424c6fe][color=#FF0000:3bf424c6fe] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/color:3bf424c6fe][/b:3bf424c6fe] [b:3bf424c6fe][color=#008000:3bf424c6fe]Notabene 2:[/color:3bf424c6fe][color=#FF0000:3bf424c6fe] Wanneer je een groot log post van bijv. OTL, dan heb je snel de neiging nogmaals op de knop te drukken, omdat het duurt.[/color:3bf424c6fe][/b:3bf424c6fe] Doordat de forum software even tijd nodig heeft zo'n groot log klaar te maken kan het dus even duren, voordat je resultaat krijgt en ziet. Heb je dan nogmaals op de nop geklikt, dan wordt het bericht dus nogmaals gepost! Quote Link naar reactie
anoniem Geplaatst: 24 augustus 2013 Auteur Delen Geplaatst: 24 augustus 2013 OTL logfile created on: 24-8-2013 13:36:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Rikie\Bureaublad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 1022,73 Mb Total Physical Memory | 668,03 Mb Available Physical Memory | 65,32% Memory free 2,40 Gb Paging File | 2,11 Gb Available in Paging File | 87,75% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 120,00 Gb Total Space | 106,11 Gb Free Space | 88,42% Space Free | Partition Type: NTFS Drive D: | 76,69 Gb Total Space | 69,09 Gb Free Space | 90,09% Space Free | Partition Type: NTFS Drive E: | 178,09 Gb Total Space | 157,21 Gb Free Space | 88,28% Space Free | Partition Type: NTFS Computer Name: PCBENEDEN | User Name: Rikie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:a2a8011611]========== Processes (SafeList) ==========[/color:a2a8011611] PRC - [2013-08-24 13:35:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rikie\Bureaublad\OTL.exe PRC - [2013-06-08 20:36:24 | 000,202,576 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe PRC - [2013-06-08 20:36:05 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe PRC - [2012-10-08 17:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011-01-11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe PRC - [2011-01-11 19:04:04 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe PRC - [2008-08-29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2008-04-15 14:00:00 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-12-08 17:23:26 | 003,035,136 | ---- | M] (http://atitool.techpowerup.com) -- C:\Program Files\ATITool\ATITool.exe PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717:a2a8011611]========== Modules (No Company Name) ==========[/color:a2a8011611] MOD - [2013-08-12 11:18:22 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2013-08-12 11:18:22 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,286,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3693.42470__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2013-08-12 11:18:21 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2013-08-12 11:18:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MOD - [2013-08-12 11:18:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3693.42470__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.dll MOD - [2013-08-12 11:18:20 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Dashboard\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2013-08-12 11:18:20 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2013-08-12 11:18:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Runtime\2.0.3693.42471__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2013-08-12 11:18:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2013-08-12 11:18:19 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2013-08-12 11:18:18 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2013-08-12 11:18:18 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2013-08-12 11:18:18 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2013-08-12 11:18:17 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2013-08-12 11:18:17 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2013-08-12 11:18:17 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2013-08-12 11:18:17 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2013-08-12 11:18:16 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2013-08-12 11:18:16 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2013-08-12 11:18:16 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MOD - [2013-08-12 11:18:16 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2013-08-12 11:18:16 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2013-08-12 11:18:16 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2013-08-12 11:18:16 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2013-08-12 11:18:16 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2013-08-12 11:18:16 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2013-08-12 11:18:16 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2013-08-12 11:18:16 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2013-08-12 11:18:16 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2013-08-12 11:18:16 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2013-08-12 11:18:16 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2013-08-12 11:18:16 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2013-08-12 11:18:16 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2013-08-12 11:18:15 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2013-08-12 11:18:15 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MOD - [2013-08-12 11:18:15 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MOD - [2013-08-12 11:18:15 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MOD - [2013-08-12 11:18:15 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2013-08-12 11:18:15 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2013-08-12 11:18:15 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MOD - [2013-08-12 11:18:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2013-08-12 11:18:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2012-10-08 17:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe MOD - [2012-08-06 23:16:51 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012-08-06 23:14:48 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012-08-06 23:06:20 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012-08-06 23:03:28 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012-08-06 23:02:58 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012-08-06 23:00:45 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012-08-06 23:00:22 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012-08-06 22:56:50 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012-08-06 22:56:32 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2011-11-11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2011-11-11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2011-11-11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2011-11-11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2011-11-11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2011-07-24 20:41:15 | 000,446,464 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2011-07-24 20:41:14 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-11-24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007-06-22 00:26:24 | 000,174,592 | ---- | M] () -- C:\Program Files\ATITool\ATIToolHooks.dll [color=#E56717:a2a8011611]========== Services (SafeList) ==========[/color:a2a8011611] SRV - [2013-08-11 15:24:12 | 000,119,208 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-06-08 20:36:24 | 000,202,576 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint) SRV - [2013-06-08 20:36:05 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2012-11-09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-08 17:04:18 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011-01-11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2008-08-29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) [color=#E56717:a2a8011611]========== Driver Services (SafeList) ==========[/color:a2a8011611] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (arojcxw6) DRV - [2013-06-08 20:36:07 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2013-06-02 22:50:31 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2012-10-08 17:04:18 | 000,021,248 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot) DRV - [2012-01-18 08:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2011-07-24 19:02:52 | 000,682,232 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2011-01-11 19:04:04 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2010-02-11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-06-10 09:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009-05-01 00:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) DRV - [2009-05-01 00:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter) DRV - [2007-12-06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2006-11-10 15:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool) DRV - [2003-10-31 12:22:38 | 000,077,312 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viasraid.sys -- (viasraid) DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1) [color=#E56717:a2a8011611]========== Standard Registry (SafeList) ==========[/color:a2a8011611] [color=#E56717:a2a8011611]========== Internet Explorer ==========[/color:a2a8011611] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:a2a8011611]========== FireFox ==========[/color:a2a8011611] FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.nl/" FF - prefs.js..extensions.enabledAddons: LogMeInClient%40logmein.com:1.0.0.1024 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-08-15 15:41:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-07-23 20:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Extensions [2013-07-31 18:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions [2013-06-22 09:46:43 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions\LogMeInClient@logmein.com [2013-07-31 18:35:45 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-15 15:41:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-08-15 15:41:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-08-17 15:37:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-08-15 13:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions [2013-08-15 13:12:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717:a2a8011611]========== Chrome ==========[/color:a2a8011611] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.nl/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Google Drive = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: YouTube = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Zoeken = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATITool] C:\Program Files\ATITool\ATITool.exe (http://atitool.techpowerup.com) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [PtiuPbmd] C:\WINDOWS\System32\ptipbm.dll (Promise Technology,Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe () O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1311443915156 (WUWebControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.35.25 212.54.40.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEF861B3-C2A0-4CDB-A15F-B3B193C142F0}: DhcpNameServer = 212.54.35.25 212.54.40.25 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Rikie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rikie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-23 18:38:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{5026997b-dd78-11e2-9331-00112fe32cd5}\Shell - "" = AutoRun O33 - MountPoints2\{5026997b-dd78-11e2-9331-00112fe32cd5}\Shell\AutoRun\command - "" = I:\HTC_Sync_Manager_PC.exe O33 - MountPoints2\{cc4f34d2-fe76-11e2-9392-00112fe32cd5}\Shell - "" = AutoRun O33 - MountPoints2\{cc4f34d2-fe76-11e2-9392-00112fe32cd5}\Shell\AutoRun\command - "" = I:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717:a2a8011611]========== Files/Folders - Created Within 30 Days ==========[/color:a2a8011611] [2013-08-24 13:35:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rikie\Bureaublad\OTL.exe [2013-08-22 11:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2013-08-22 11:05:19 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\Rikie\Bureaublad\esetsmartinstaller_enu.exe [2013-08-15 15:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-08-15 15:39:03 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2013-08-15 13:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-08-13 17:47:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013-08-12 13:09:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rikie\Application Data\Malwarebytes [2013-08-12 13:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware [2013-08-12 13:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2013-08-12 13:09:48 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013-08-12 13:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013-08-12 13:02:40 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-08-12 13:02:40 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-08-12 12:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome [2013-08-12 11:57:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2013-08-12 11:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rikie\Local Settings\Application Data\ATI [2013-08-12 11:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rikie\Application Data\ATI [2013-08-12 11:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI [2013-08-12 11:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Catalyst Control Center [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717:a2a8011611]========== Files - Modified Within 30 Days ==========[/color:a2a8011611] [2013-08-24 13:38:00 | 000,001,042 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-08-24 13:35:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rikie\Bureaublad\OTL.exe [2013-08-24 13:26:59 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-08-24 13:26:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-08-22 20:42:10 | 000,003,181 | ---- | M] () -- C:\Documents and Settings\Rikie\intlname.ols [2013-08-22 11:05:19 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\Rikie\Bureaublad\esetsmartinstaller_enu.exe [2013-08-20 16:01:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013-08-17 15:38:15 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013-08-17 15:38:07 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Firefox.lnk [2013-08-16 16:48:16 | 000,001,988 | -H-- | M] () -- D:\Documenten\Rikie\Default.rdp [2013-08-16 16:21:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-08-12 13:09:50 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk [2013-08-12 13:02:40 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-08-12 13:02:40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-08-12 12:53:30 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013-08-05 17:08:30 | 000,002,523 | ---- | M] () -- C:\Documents and Settings\Rikie\Bureaublad\Microsoft Office Word 2003.lnk [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717:a2a8011611]========== Files Created - No Company Name ==========[/color:a2a8011611] [2013-08-12 13:09:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk [2013-08-12 12:33:57 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013-08-12 12:33:31 | 000,001,042 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-08-12 12:33:31 | 000,001,038 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-08-06 22:32:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-08-05 17:57:07 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Rikie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-01 20:34:18 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2011-07-25 18:39:25 | 000,003,181 | ---- | C] () -- C:\Documents and Settings\Rikie\intlname.ols [color=#E56717:a2a8011611]========== ZeroAccess Check ==========[/color:a2a8011611] [2011-07-24 20:39:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 14:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717:a2a8011611]========== LOP Check ==========[/color:a2a8011611] [2013-06-25 11:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HTC [2011-07-24 19:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe [2013-08-24 09:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2013-06-27 14:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer [2013-03-19 21:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rikie\Application Data\Belastingdienst [2012-07-09 21:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rikie\Application Data\ImgBurn [2012-08-01 20:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rikie\Application Data\Leadertech [color=#E56717:a2a8011611]========== Purity Check ==========[/color:a2a8011611] < End of report > Quote Link naar reactie
anoniem Geplaatst: 24 augustus 2013 Auteur Delen Geplaatst: 24 augustus 2013 En: OTL Extras logfile created on: 24-8-2013 13:36:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Rikie\Bureaublad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 1022,73 Mb Total Physical Memory | 668,03 Mb Available Physical Memory | 65,32% Memory free 2,40 Gb Paging File | 2,11 Gb Available in Paging File | 87,75% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 120,00 Gb Total Space | 106,11 Gb Free Space | 88,42% Space Free | Partition Type: NTFS Drive D: | 76,69 Gb Total Space | 69,09 Gb Free Space | 90,09% Space Free | Partition Type: NTFS Drive E: | 178,09 Gb Total Space | 157,21 Gb Free Space | 88,28% Space Free | Partition Type: NTFS Computer Name: PCBENEDEN | User Name: Rikie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:7dcf4db48f]========== Extra Registry (SafeList) ==========[/color:7dcf4db48f] [color=#E56717:7dcf4db48f]========== File Associations ==========[/color:7dcf4db48f] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717:7dcf4db48f]========== Shell Spawning ==========[/color:7dcf4db48f] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717:7dcf4db48f]========== Security Center Settings ==========[/color:7dcf4db48f] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717:7dcf4db48f]========== System Restore Settings ==========[/color:7dcf4db48f] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717:7dcf4db48f]========== Firewall Settings ==========[/color:7dcf4db48f] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717:7dcf4db48f]========== Authorized Applications List ==========[/color:7dcf4db48f] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox -- (Mozilla Corporation) "C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) [color=#E56717:7dcf4db48f]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:7dcf4db48f] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish "{220C5102-2566-337F-9E9B-C81C5C761BA2}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - NLD "{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard "{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 "{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish "{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation "{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins "{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French "{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian "{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57573545-74EB-46D2-B362-AA05364E4ED8}" = LogMeIn "{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek "{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full "{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}" = IPTInstaller "{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New "{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C788975-88ED-3C52-A188-6C944E9BD07D}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - NLD "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{8e71ec43-ee30-4608-9a3a-cbe3c2c7f17d}" = Nero 9 "{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003 "{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A395750A-78D7-36D1-A59D-1A0B601D4BDC}" = Microsoft .NET Framework 3.5 Language Pack - nld "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Nederlands "{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian "{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish "{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite "{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish "{D22AFEDF-6A5B-459D-A9EA-D16E422E4C18}" = Nokia Connectivity Cable Driver "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech-webcamsoftware "{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light "{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "Aangifte inkomstenbelasting 2011" = Aangifte inkomstenbelasting 2011 "Aangifte inkomstenbelasting 2012" = Aangifte inkomstenbelasting 2012 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "All ATI Software" = ATI - Software-verwijderprogramma "ATI Display Driver" = ATI Display Driver "ATITool" = ATITool Overclocking Utility "Digital Editions" = Adobe Digital Editions "DivX Setup.divx.com" = DivX Setup "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "HD Tune_is1" = HD Tune 2.55 "ie8" = Windows Internet Explorer 8 "ImgBurn" = ImgBurn "IrfanView" = IrfanView (remove only) "Logitech Vid" = Logitech Vid HD "lvdrivers_12.10" = Logitech Webcam Software-stuurprogrammapakket "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.75.0.1300 "Microsoft .NET Framework 3.5 Language Pack - nld" = Taalpakket voor Microsoft .NET Framework 3.5 - NL "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 23.0.1 (x86 nl)" = Mozilla Firefox 23.0.1 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "VLC media player" = VLC media player 1.1.11 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR 4.01 (32-bit) "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717:7dcf4db48f]========== Last 20 Event Log Errors ==========[/color:7dcf4db48f] [ Application Events ] Error - 30-6-2013 13:49:45 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11500 Description = Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan. Error - 30-6-2013 13:49:46 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11500 Description = Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan. Error - 30-6-2013 13:49:46 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11500 Description = Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan. Error - 12-8-2013 5:13:47 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404 Description = Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error - 12-8-2013 5:13:47 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404 Description = Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error - 12-8-2013 5:13:48 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404 Description = Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error - 12-8-2013 5:13:48 | Computer Name = PCBENEDEN | Source = MsiInstaller | ID = 11404 Description = Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error - 14-8-2013 8:38:47 | Computer Name = PCBENEDEN | Source = crypt32 | ID = 131083 Description = Het uitpakken van een basislijst uit de cab voor automatische updates is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: Een vereist certificaat valt niet binnen de geldigheidsperiode als gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand. Error - 14-8-2013 8:38:47 | Computer Name = PCBENEDEN | Source = crypt32 | ID = 131083 Description = Het uitpakken van een basislijst uit de cab voor automatische updates is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: Een vereist certificaat valt niet binnen de geldigheidsperiode als gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand. Error - 16-8-2013 19:11:45 | Computer Name = PCBENEDEN | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: WINWORD.EXE, versie: 11.0.8345.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. [ System Events ] Error - 24-7-2013 13:49:30 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7038 Description = De RemoteRegistry-service kan niet als NT AUTHORITY\LocalService met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%5 Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd. Error - 24-7-2013 13:49:30 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7000 Description = De Remote Registry-service kan vanwege de volgende fout niet worden gestart: %%1069 Error - 2-8-2013 9:44:26 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7038 Description = De RemoteRegistry-service kan niet als NT AUTHORITY\LocalService met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%5 Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd. Error - 2-8-2013 9:44:26 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7000 Description = De Remote Registry-service kan vanwege de volgende fout niet worden gestart: %%1069 Error - 6-8-2013 5:54:11 | Computer Name = PCBENEDEN | Source = WPDMTPDriver | ID = 80836 Description = MTP WPD Driver has failed to start. Error 0x8007001f. Error - 17-8-2013 9:28:53 | Computer Name = PCBENEDEN | Source = Service Control Manager | ID = 7032 Description = Servicebesturingsbeheer heeft na het onverwachte afsluiten van de Windows Management Instrumentation-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt: %%1056 < End of report > Quote Link naar reactie
Aanbevolen berichten
Om een reactie te plaatsen, moet je eerst inloggen