Ga naar inhoud

Schokkerig Flash en 100%CPU na opstarten

anoniem

Door anoniem,
in Besturingssystemen

Aanbevolen berichten

anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
[b:6ebdf3effe]Sluit voordat [img:6ebdf3effe]http://www.imgdumper.nl/uploads7/51f51523a2765/51f51523a23a0-OTL_Canned_Nieuw.png[/img:6ebdf3effe][color=#008000:6ebdf3effe]OTL[/color:6ebdf3effe] de fix gaat doen, eerst alle andere openstaande vensters![/b:6ebdf3effe] [list:6ebdf3effe][*:6ebdf3effe][b:6ebdf3effe][color=#0000FF:6ebdf3effe]Windows 2000[/color:6ebdf3effe][/b:6ebdf3effe] en [color=#0000FF:6ebdf3effe][b:6ebdf3effe]Windows XP[/b:6ebdf3effe][/color:6ebdf3effe]: dubbelklik op [b:6ebdf3effe]OTL.exe[/b:6ebdf3effe]. [*:6ebdf3effe][color=#0000FF:6ebdf3effe][b:6ebdf3effe]Windows Vista[/b:6ebdf3effe][/color:6ebdf3effe], [color=#0000FF:6ebdf3effe][b:6ebdf3effe]Windows 7[/b:6ebdf3effe][/color:6ebdf3effe] en [color=#0000FF:6ebdf3effe][b:6ebdf3effe]Windows 8[/b:6ebdf3effe][/color:6ebdf3effe]: via rechtsklik op [b:6ebdf3effe]OTL.exe[/b:6ebdf3effe] en kies voor "Als Administrator uitvoeren". [b:6ebdf3effe][*:6ebdf3effe]Kopieer onderstaande in de Code-kader staande tekst en plak deze in het venster onder [img:6ebdf3effe]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:6ebdf3effe][/b:6ebdf3effe][/list:u:6ebdf3effe] [code:1:6ebdf3effe] :OTL O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found :Services :Reg :Files ipconfig /flushdns /c :Commands [purity] [emptytemp] [resethosts] [emptyjava] [emptyflash] [createrestorepoint] [reboot][/code:1:6ebdf3effe] [list:6ebdf3effe][*:6ebdf3effe]Klik daarna bovenaan op [img:6ebdf3effe]http://www.imgdumper.nl/uploads5/4f911cee9de47/4f911cee9da59-OTL-4.png[/img:6ebdf3effe] [*:6ebdf3effe]Laat het programma ongestoord zijn werk doen. [*:6ebdf3effe][color=#FF0000:6ebdf3effe][b:6ebdf3effe]OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.[/b:6ebdf3effe][/color:6ebdf3effe] [*:6ebdf3effe]Klik op [b:6ebdf3effe]OK[/b:6ebdf3effe] [*:6ebdf3effe]Na het opnieuw opstarten wordt enkel een nieuw log geopend. [*:6ebdf3effe]Post via kopiëren en plakken de inhoud van dat OTL-scanlog.[/list:u:6ebdf3effe]
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== [color=#A23BEC:e1dce7f1cc]< ipconfig /flushdns /c >[/color:e1dce7f1cc] Windows IP-configuratie De DNS-omzettingscache is leeggemaakt. C:\Documents and Settings\Rikie\Bureaublad\cmd.bat deleted successfully. C:\Documents and Settings\Rikie\Bureaublad\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LogMeInRemoteUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 51196890 bytes User: Rikie ->Temp folder emptied: 40312193 bytes ->Temporary Internet Files folder emptied: 68103256 bytes ->Java cache emptied: 146011 bytes ->FireFox cache emptied: 456895473 bytes ->Google Chrome cache emptied: 73533629 bytes ->Flash cache emptied: 122906 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2351678 bytes %systemroot%\System32 .tmp files removed: 4546333 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 310063027 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 15255 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 961,00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYJAVA] User: All Users User: Default User User: LocalService User: LogMeInRemoteUser User: NetworkService User: Rikie ->Java cache emptied: 0 bytes Total Java Files Cleaned = 0,00 mb [EMPTYFLASH] User: All Users User: Default User User: LocalService User: LogMeInRemoteUser User: NetworkService User: Rikie ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 08262013_152929 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
We kijken verder: [b:40b65d8d5e]Download [img:40b65d8d5e]http://www.imgdumper.nl/uploads6/51c590ce3cf4a/51c590ce361e7-ComboFix_resized_2.png[/img:40b65d8d5e][color=#008000:40b65d8d5e][b] ComboFix[/b:40b65d8d5e][/color:40b65d8d5e] via één van deze locaties[/B]: [list:40b65d8d5e][*:40b65d8d5e][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:40b65d8d5e]Bleepingcomputer[/b:40b65d8d5e][/url] [*:40b65d8d5e][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:40b65d8d5e]ForoSpyware[/b:40b65d8d5e][/url] [*:40b65d8d5e][url=http://subs.geekstogo.com/ComboFix.exe][b:40b65d8d5e]Geekstogo[/b:40b65d8d5e][/url][/list:u:40b65d8d5e] [b:40b65d8d5e]Downloadlokatie[/b:40b65d8d5e]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:40b65d8d5e][color=#0000FF:40b65d8d5e]Hier[/color:40b65d8d5e][/b:40b65d8d5e][/url] vind je extra informatie over ComboFix. [color=#FF0000:40b65d8d5e][b:40b65d8d5e]Antivirusprogramma en actieve malwarescanners dienen al voor je [b]ComboFix[/b:40b65d8d5e] start gedeaktiveert zijn![/b][/color:40b65d8d5e] [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:40b65d8d5e][color=#0000FF:40b65d8d5e]Hier[/color:40b65d8d5e][/b:40b65d8d5e][/url] en [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][b:40b65d8d5e][color=#0000FF:40b65d8d5e]hier[/color:40b65d8d5e][/b:40b65d8d5e][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:40b65d8d5e]Opmerkingen[/b:40b65d8d5e]: [list:40b65d8d5e][*:40b65d8d5e] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist). [*:40b65d8d5e]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:40b65d8d5e] [b:40b65d8d5e]ComboFix opstarten[/b:40b65d8d5e]: [list:40b65d8d5e][*:40b65d8d5e][b:40b65d8d5e][color=#0000FF:40b65d8d5e]Windows 2000[/color:40b65d8d5e][/b:40b65d8d5e] en [color=#0000FF:40b65d8d5e][b:40b65d8d5e]Windows XP[/b:40b65d8d5e][/color:40b65d8d5e]: dubbelklik op ComboFix.exe.[/list:u:40b65d8d5e] [b:40b65d8d5e]ComboFix is opgestart[/b:40b65d8d5e]: [list:40b65d8d5e][*:40b65d8d5e]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:40b65d8d5e]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen! [*:40b65d8d5e]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:40b65d8d5e]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:40b65d8d5e]Post de inhoud van dit logbestand in je volgende bericht. [*:40b65d8d5e]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:40b65d8d5e] [b:40b65d8d5e]Belangrijke opmerking[/b:40b65d8d5e]: [list:40b65d8d5e][*:40b65d8d5e][b:40b65d8d5e][color=#0000FF:40b65d8d5e]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:40b65d8d5e][/b:40b65d8d5e] [*:40b65d8d5e][b:40b65d8d5e][color=#FF0000:40b65d8d5e]Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.[/color:40b65d8d5e][/b:40b65d8d5e] [*:40b65d8d5e][b:40b65d8d5e][color=#008000:40b65d8d5e]Start dan de computer opnieuw op.[/color:40b65d8d5e][/b:40b65d8d5e][/list:u:40b65d8d5e]
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Weer een log: ComboFix 13-08-27.02 - Rikie 27-08-2013 19:00:16.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.672 [GMT 2:00] Gestart vanuit: c:\documents and settings\Rikie\Bureaublad\ComboFix.exe . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Rikie\WINDOWS c:\windows\IsUn0413.exe c:\windows\system32\msssc.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2013-07-27 to 2013-08-27 )))))))))))))))))))))))))))))) . . 2013-08-26 13:29 . 2013-08-26 13:29 -------- d-----w- C:\_OTL 2013-08-22 09:05 . 2013-08-22 09:05 -------- d-----w- c:\program files\ESET 2013-08-15 13:42 . 2013-08-15 13:42 -------- d-----w- c:\windows\system32\wbem\Repository 2013-08-15 13:39 . 2013-08-15 13:39 -------- d-----w- C:\TDSSKiller_Quarantine 2013-08-15 11:10 . 2013-08-15 11:10 -------- d-----w- c:\program files\Common Files\Java 2013-08-13 15:47 . 2013-08-13 15:47 -------- d-----w- c:\windows\ERUNT 2013-08-12 11:09 . 2013-08-12 11:09 -------- d-----w- c:\documents and settings\Rikie\Application Data\Malwarebytes 2013-08-12 11:09 . 2013-08-12 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2013-08-12 11:09 . 2013-08-12 11:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-12 11:09 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-12 11:02 . 2013-08-12 11:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-08-12 11:02 . 2013-08-12 11:02 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-08-12 09:57 . 2013-08-12 09:57 -------- d-----w- c:\windows\system32\Macromed 2013-08-12 09:19 . 2013-08-12 09:19 -------- d-----w- c:\documents and settings\Rikie\Local Settings\Application Data\ATI 2013-08-12 09:19 . 2013-08-12 09:19 -------- d-----w- c:\documents and settings\Rikie\Application Data\ATI 2013-08-12 09:19 . 2013-08-12 09:19 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI 2013-08-12 09:17 . 2013-08-12 09:17 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll 2013-08-12 09:17 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll 2013-08-12 09:17 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll 2013-08-12 09:17 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll 2013-08-12 09:17 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll 2013-08-12 09:17 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe 2013-08-12 09:17 . 2013-08-12 09:17 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-08 18:36 . 2011-07-24 17:21 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2013-06-08 18:36 . 2011-07-24 17:21 53064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll 2013-06-08 18:36 . 2011-07-24 17:21 31560 ----a-w- c:\windows\system32\LMIport.dll 2013-06-08 18:36 . 2011-07-24 17:20 92488 ----a-w- c:\windows\system32\LMIinit.dll 2013-06-02 20:50 . 2011-07-24 17:21 86888 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak 2013-06-02 20:50 . 2011-07-24 17:20 92488 -c--a-w- c:\windows\system32\LMIinit.dll.000.bak . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2011-07-23 . 497BEF5C5FAD126CA16437C1682F64EA . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATITool"="c:\program files\ATITool\ATITool.exe" [2006-12-08 3035136] "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2011-01-11 63048] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "PtiuPbmd"="ptipbm.dll" [2003-01-15 24576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2012-01-18 465944] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Statusvenster.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe Brother DCP-115C /STARTUP [2011-7-24 802816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 2013-06-08 18:36 92488 ----a-w- c:\windows\system32\LMIinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] 2005-07-19 10:36 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] 2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-03-21 18:56 1230704 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-06-09 08:16 2363392 -c--a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"= "c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24-7-2011 19:02 682232] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [23-7-2011 18:11 77312] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [6-7-2011 16:32 375120] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11-1-2011 19:04 13624] R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [8-10-2012 17:04 166912] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9-11-2012 12:21 160944] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [25-6-2013 11:19 24576] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [8-10-2012 17:04 21248] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-21 16:38 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-08-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2013-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 10:33] . 2013-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 10:33] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.35.25 212.54.40.25 FF - ProfilePath - c:\documents and settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ . - - - - ORPHANS VERWIJDERD - - - - . MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe AddRemove-KB923789 - c:\windows\system32\MacroMed\Flash\genuinst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-08-27 19:04 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info] @Denied: (2) (LocalSystem) @SACL= "AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\" "DataDir"="ESET\\ESET NOD32 Antivirus\\" "EditionName"=" " "InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\" "LanguageId"=dword:00000413 "PackageTag"=dword:6090e758 "ProductBase"=dword:00000000 "ProductCode"="{C8867FA8-526F-4C5A-BCE4-1FB33B637A9B}" "ProductName"="ESET NOD32 Antivirus" "ProductType"="eav" "ProductVersion"="4.2.64.12" "UniqueId"="0002C72E4E2C6BE5" "ScannerBuild"=dword:00001dd3 "ScannerVersionId"=dword:000014f0 "ScannerVersion"="Locked/open ESET for status." . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–¤|ÿÿÿÿ¤•¤|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(764) c:\windows\system32\Ati2evxx.dll c:\windows\system32\LMIinit.dll c:\windows\system32\LMIRfsClientNP.dll . Voltooingstijd: 2013-08-27 19:05:29 ComboFix-quarantined-files.txt 2013-08-27 17:05 . Pre-Run: 114.686.894.080 bytes beschikbaar Post-Run: 114.642.673.664 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - D051C457944584306A332763C8BBF23D 3051207086651214E435112E51817DC5 Edit: nog steeds 100% cpu-gebruik....
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Download [img:b34be2848d]http://www.imgdumper.nl/uploads7/52063a410b171/52063a40e2e64-Farbar_Recovery_Scan_Tool_canned.png[/img:b34be2848d] [b:b34be2848d]Farbar Recovery Scan Tool[/b:b34be2848d] 32 of 64 bit van één van de onderstaande links [url=http://download.bleepingcomputer.com/farbar/FRST.exe][b:b34be2848d]Farbar Recovery Scan Tool 32 bit (x86)[/b:b34be2848d][/url] [url=http://download.bleepingcomputer.com/farbar/FRST64.exe][b:b34be2848d]Farbar Recovery Scan Tool 64 bit (x64)[/b:b34be2848d][/url] [b:b34be2848d]Downloadlokatie[/b:b34be2848d]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen! [b:b34be2848d]Opmerkingen[/b:b34be2848d]: [list:b34be2848d][*:b34be2848d]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:b34be2848d] [b:b34be2848d]FRST opstarten[/b:b34be2848d]: [list:b34be2848d][*:b34be2848d][b:b34be2848d][COLOR="Blue"]Windows 2000[/COLOR][/b:b34be2848d] en [COLOR="Blue"][b:b34be2848d]Windows XP[/b:b34be2848d][/COLOR]: dubbelklik op [b:b34be2848d]FRST.exe[/b:b34be2848d]. [*:b34be2848d][COLOR="Blue"][b:b34be2848d]Windows Vista[/b:b34be2848d][/COLOR], [COLOR="Blue"][b:b34be2848d]Windows 7[/b:b34be2848d][/COLOR] en [COLOR="Blue"][b:b34be2848d]Windows 8[/b:b34be2848d][/COLOR]: via rechtsklik op [b:b34be2848d]FRST.exe of FRST64.exe[/b:b34be2848d] en kies voor "Als Administrator uitvoeren".[/list:u:b34be2848d] [b:b34be2848d]FRST is opgestart[/b:b34be2848d]: [list:b34be2848d][*:b34be2848d]Wanneer het programma is geopend klik dan op de knop [b:b34be2848d]Yes[/b:b34be2848d] bij de disclaimer. [*:b34be2848d]Druk vervolgens op de [b:b34be2848d]Scan[/b:b34be2848d] knop. [*:b34be2848d]Aansluitend zal een logbestand (FRST.txt) aangemaakt worden en op het bureaublad opgeslagen worden. [*:b34be2848d] Post de inhoud van [b:b34be2848d]FRST.txt[/b:b34be2848d] in je volgende bericht[/list:u:b34be2848d].
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-08-2013 Ran by Rikie at 2013-08-28 15:02:58 Running from C:\Documents and Settings\Rikie\Bureaublad Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Aangifte inkomstenbelasting 2011 Aangifte inkomstenbelasting 2012 Adobe Digital Editions Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader XI (11.0.03) - Nederlands (Version: 11.0.03) Advertising Center (Version: 0.0.0.1) Apple Application Support (Version: 2.3.4) Apple Software Update (Version: 2.1.3.127) ATI - Software-verwijderprogramma (Version: 6.14.10.1022) ATI Catalyst Control Center (Version: 2.010.0210.2338) ATI Display Driver (Version: 8.593.100-100210a-095952E-ATI) ATITool Overclocking Utility (Version: 0.26) Beveiligingsupdate voor Microsoft Windows (KB2564958) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) (Version: 1) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) (Version: 1) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988) (Version: 1) Beveiligingsupdate voor Windows Media Player (KB2378111) Beveiligingsupdate voor Windows Media Player (KB954155) Beveiligingsupdate voor Windows Media Player (KB973540) Beveiligingsupdate voor Windows Media Player (KB975558) Beveiligingsupdate voor Windows Media Player (KB978695) Beveiligingsupdate voor Windows XP (KB2115168) (Version: 1) Beveiligingsupdate voor Windows XP (KB2229593) (Version: 1) Beveiligingsupdate voor Windows XP (KB2296011) (Version: 1) Beveiligingsupdate voor Windows XP (KB2347290) (Version: 1) Beveiligingsupdate voor Windows XP (KB2360937) (Version: 1) Beveiligingsupdate voor Windows XP (KB2387149) (Version: 1) Beveiligingsupdate voor Windows XP (KB2393802) (Version: 1) Beveiligingsupdate voor Windows XP (KB2419632) (Version: 1) Beveiligingsupdate voor Windows XP (KB2423089) (Version: 1) Beveiligingsupdate voor Windows XP (KB2440591) (Version: 1) Beveiligingsupdate voor Windows XP (KB2443105) (Version: 1) Beveiligingsupdate voor Windows XP (KB2476490) (Version: 1) Beveiligingsupdate voor Windows XP (KB2478960) (Version: 1) Beveiligingsupdate voor Windows XP (KB2478971) (Version: 1) Beveiligingsupdate voor Windows XP (KB2479943) (Version: 1) Beveiligingsupdate voor Windows XP (KB2483185) (Version: 1) Beveiligingsupdate voor Windows XP (KB2483614) (Version: 1) Beveiligingsupdate voor Windows XP (KB2485663) (Version: 1) Beveiligingsupdate voor Windows XP (KB2506212) (Version: 1) Beveiligingsupdate voor Windows XP (KB2507618) (Version: 1) Beveiligingsupdate voor Windows XP (KB2507938) (Version: 1) Beveiligingsupdate voor Windows XP (KB2508429) (Version: 1) Beveiligingsupdate voor Windows XP (KB2509553) (Version: 1) Beveiligingsupdate voor Windows XP (KB2535512) (Version: 1) Beveiligingsupdate voor Windows XP (KB2536276-v2) (Version: 2) Beveiligingsupdate voor Windows XP (KB2544893-v2) (Version: 2) Beveiligingsupdate voor Windows XP (KB2566454) (Version: 1) Beveiligingsupdate voor Windows XP (KB2570947) (Version: 1) Beveiligingsupdate voor Windows XP (KB2584146) (Version: 1) Beveiligingsupdate voor Windows XP (KB2585542) (Version: 1) Beveiligingsupdate voor Windows XP (KB2592799) (Version: 1) Beveiligingsupdate voor Windows XP (KB2598479) (Version: 1) Beveiligingsupdate voor Windows XP (KB2603381) (Version: 1) Beveiligingsupdate voor Windows XP (KB2618451) (Version: 1) Beveiligingsupdate voor Windows XP (KB2619339) (Version: 1) Beveiligingsupdate voor Windows XP (KB2620712) (Version: 1) Beveiligingsupdate voor Windows XP (KB2624667) (Version: 1) Beveiligingsupdate voor Windows XP (KB2631813) (Version: 1) Beveiligingsupdate voor Windows XP (KB2646524) (Version: 1) Beveiligingsupdate voor Windows XP (KB2653956) (Version: 1) Beveiligingsupdate voor Windows XP (KB2655992) (Version: 1) Beveiligingsupdate voor Windows XP (KB2659262) (Version: 1) Beveiligingsupdate voor Windows XP (KB2661637) (Version: 1) Beveiligingsupdate voor Windows XP (KB2676562) (Version: 1) Beveiligingsupdate voor Windows XP (KB2685939) (Version: 1) Beveiligingsupdate voor Windows XP (KB2691442) (Version: 1) Beveiligingsupdate voor Windows XP (KB2695962) (Version: 1) Beveiligingsupdate voor Windows XP (KB2698365) (Version: 1) Beveiligingsupdate voor Windows XP (KB2707511) (Version: 1) Beveiligingsupdate voor Windows XP (KB2718523) (Version: 1) Beveiligingsupdate voor Windows XP (KB2719985) (Version: 1) Beveiligingsupdate voor Windows XP (KB923561) (Version: 1) Beveiligingsupdate voor Windows XP (KB946648) (Version: 1) Beveiligingsupdate voor Windows XP (KB950762) (Version: 1) Beveiligingsupdate voor Windows XP (KB950974) (Version: 1) Beveiligingsupdate voor Windows XP (KB951376-v2) (Version: 2) Beveiligingsupdate voor Windows XP (KB952004) (Version: 1) Beveiligingsupdate voor Windows XP (KB952954) (Version: 1) Beveiligingsupdate voor Windows XP (KB956572) (Version: 1) Beveiligingsupdate voor Windows XP (KB956802) (Version: 1) Beveiligingsupdate voor Windows XP (KB956844) (Version: 1) Beveiligingsupdate voor Windows XP (KB958644) (Version: 1) Beveiligingsupdate voor Windows XP (KB959426) (Version: 1) Beveiligingsupdate voor Windows XP (KB960803) (Version: 1) Beveiligingsupdate voor Windows XP (KB960859) (Version: 1) Beveiligingsupdate voor Windows XP (KB961501) (Version: 1) Beveiligingsupdate voor Windows XP (KB969059) (Version: 1) Beveiligingsupdate voor Windows XP (KB971657) (Version: 1) Beveiligingsupdate voor Windows XP (KB972270) (Version: 1) Beveiligingsupdate voor Windows XP (KB973507) (Version: 1) Beveiligingsupdate voor Windows XP (KB973869) (Version: 1) Beveiligingsupdate voor Windows XP (KB973904) (Version: 1) Beveiligingsupdate voor Windows XP (KB974112) (Version: 1) Beveiligingsupdate voor Windows XP (KB974318) (Version: 1) Beveiligingsupdate voor Windows XP (KB974392) (Version: 1) Beveiligingsupdate voor Windows XP (KB974571) (Version: 1) Beveiligingsupdate voor Windows XP (KB975025) (Version: 1) Beveiligingsupdate voor Windows XP (KB975560) (Version: 1) Beveiligingsupdate voor Windows XP (KB975713) (Version: 1) Beveiligingsupdate voor Windows XP (KB977816) (Version: 1) Beveiligingsupdate voor Windows XP (KB977914) (Version: 1) Beveiligingsupdate voor Windows XP (KB978338) (Version: 1) Beveiligingsupdate voor Windows XP (KB978542) (Version: 1) Beveiligingsupdate voor Windows XP (KB978706) (Version: 1) Beveiligingsupdate voor Windows XP (KB979309) (Version: 1) Beveiligingsupdate voor Windows XP (KB979482) (Version: 1) Beveiligingsupdate voor Windows XP (KB979687) (Version: 1) Beveiligingsupdate voor Windows XP (KB981322) (Version: 1) Beveiligingsupdate voor Windows XP (KB981997) (Version: 1) Beveiligingsupdate voor Windows XP (KB982132) (Version: 1) Beveiligingsupdate voor Windows XP (KB982665) (Version: 1) Brother MFL-Pro Suite (Version: 1.00.000) CameraHelperMsi (Version: 13.31.1038.0) Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455) Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455) Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455) Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455) Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455) Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455) Catalyst Control Center Localization All (Version: 2010.0210.2339.42455) CCC Help Chinese Standard (Version: 2010.0210.2338.42455) CCC Help Chinese Traditional (Version: 2010.0210.2338.42455) CCC Help Czech (Version: 2010.0210.2338.42455) CCC Help Danish (Version: 2010.0210.2338.42455) CCC Help Dutch (Version: 2010.0210.2338.42455) CCC Help English (Version: 2010.0210.2338.42455) CCC Help Finnish (Version: 2010.0210.2338.42455) CCC Help French (Version: 2010.0210.2338.42455) CCC Help German (Version: 2010.0210.2338.42455) CCC Help Greek (Version: 2010.0210.2338.42455) CCC Help Hungarian (Version: 2010.0210.2338.42455) CCC Help Italian (Version: 2010.0210.2338.42455) CCC Help Japanese (Version: 2010.0210.2338.42455) CCC Help Korean (Version: 2010.0210.2338.42455) CCC Help Norwegian (Version: 2010.0210.2338.42455) CCC Help Polish (Version: 2010.0210.2338.42455) CCC Help Portuguese (Version: 2010.0210.2338.42455) CCC Help Russian (Version: 2010.0210.2338.42455) CCC Help Spanish (Version: 2010.0210.2338.42455) CCC Help Swedish (Version: 2010.0210.2338.42455) CCC Help Thai (Version: 2010.0210.2338.42455) CCC Help Turkish (Version: 2010.0210.2338.42455) ccc-core-preinstall (Version: 2010.0210.2339.42455) ccc-core-static (Version: 2010.0210.2339.42455) ccc-utility (Version: 2010.0210.2339.42455) Compatibiliteitspakket voor het 2007 Microsoft Office system (Version: 12.0.6612.1000) DivX Setup (Version: 2.5.0.15) DolbyFiles (Version: 2.0) erLT (Version: 1.20.138.34) ESET Online Scanner v3 Google Chrome (Version: 29.0.1547.57) Google Update Helper (Version: 1.3.21.153) HD Tune 2.55 Hotfix voor Windows XP (KB2633952) (Version: 1) Hotfix voor Windows XP (KB942288-v3) (Version: 3) Hotfix voor Windows XP (KB969084) (Version: 3) ImagXpress (Version: 7.0.74.0) ImgBurn (Version: 2.5.7.0) IPTInstaller (Version: 4.0.4) IrfanView (remove only) (Version: 4.30) LightScribe System Software 1.14.17.1 (Version: 1.14.17.1) Logitech Vid HD (Version: 7.2 (7259)) Logitech Webcam Software-stuurprogrammapakket (Version: 12.10.1110) Logitech-webcamsoftware (Version: 2.31) LogMeIn (Version: 4.1.1868) LWS Facebook (Version: 13.31.1038.0) LWS Gallery (Version: 13.31.1038.0) LWS Help_main (Version: 13.31.1044.0) LWS Launcher (Version: 13.31.1038.0) LWS Pictures And Video (Version: 13.31.1038.0) LWS Twitter (Version: 13.30.1346.0) LWS Webcam Software (Version: 13.31.1038.0) LWS WLM Plugin (Version: 1.30.1201.0) LWS YouTube Plugin (Version: 13.31.1038.0) Malwarebytes Anti-Malware versie 1.75.0.1300 (Version: 1.75.0.1300) Marvell Miniport Driver (Version: 6.30) Media Player Classic - Home Cinema v1.5.2.3456 (Version: 1.5.2.3456) Menu Templates - Starter Kit (Version: 9.0.4.0) Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - NLD (Version: 2.1.21022) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - NLD (Version: 3.1.21022) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 Language Pack - nld (Version: 3.5.21022) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1) Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Office Professional Editie 2003 (Version: 11.0.8173.0) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Movie Templates - Starter Kit (Version: 9.0.4.0) Mozilla Firefox 23.0.1 (x86 nl) (Version: 23.0.1) Mozilla Maintenance Service (Version: 23.0.1) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) Nero 9 Nero BurningROM (Version: 9.0.0.0) Nero ControlCenter (Version: 9.0.0.1) Nero CoverDesigner (Version: 4.0.3.100) Nero CoverDesigner Help (Version: 4.0.0.0) Nero Express (Version: 9.0.0.0) Nero Installer (Version: 2.0.0.1) Nero StartSmart (Version: 9.0.6.100) Nero StartSmart Help (Version: 9.0.0.0) NeroBurningROM (Version: 9.0.6.100) NeroExpress (Version: 9.0.6.100) neroxml (Version: 1.0.0) Nokia Connectivity Cable Driver (Version: 7.1.34.0) QuickTime (Version: 7.74.80.86) Skins (Version: 2010.0210.2339.42455) Skype™ 6.0 (Version: 6.0.126) SoundMAX (Version: 5.12.01.3663) Taalpakket voor Microsoft .NET Framework 3.5 - NL Update voor Windows XP (KB898461) (Version: 1) Update voor Windows XP (KB973815) (Version: 1) VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0) VIA Integrated Setup Wizard (Version: 0.99) VLC media player 1.1.11 (Version: 1.1.11) WebFldrs XP (Version: 9.50.7523) Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2) Windows Internet Explorer 8 (Version: 20090308.140743) Windows Media Format 11 runtime Windows Media Player 11 WinRAR 4.01 (32-bit) (Version: 4.01.0) XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 ==================== Restore Points ========================= 31-05-2013 08:51:33 Controlepunt van systeem 01-06-2013 09:16:05 Controlepunt van systeem 02-06-2013 20:51:05 Printerstuurprogramma LogMeIn Printer Driver is geïnstalleerd 04-06-2013 15:59:05 Controlepunt van systeem 06-06-2013 17:30:10 Controlepunt van systeem 07-06-2013 17:46:56 Controlepunt van systeem 08-06-2013 18:38:09 Printerstuurprogramma LogMeIn Printer Driver is geïnstalleerd 11-06-2013 17:08:52 Controlepunt van systeem 14-06-2013 10:31:35 Controlepunt van systeem 18-06-2013 12:44:18 Controlepunt van systeem 20-06-2013 20:10:43 Controlepunt van systeem 22-06-2013 08:30:18 Controlepunt van systeem 24-06-2013 20:51:02 Controlepunt van systeem 25-06-2013 09:20:03 Installed Windows XP Wdf01007. 26-06-2013 09:22:26 Controlepunt van systeem 27-06-2013 10:41:36 Controlepunt van systeem 27-06-2013 12:04:47 Geïnstalleerd Rapport 28-06-2013 16:28:18 Controlepunt van systeem 30-06-2013 11:20:05 Controlepunt van systeem 30-06-2013 15:54:28 Verwijderd Rapport 30-06-2013 17:57:55 Geïnstalleerd: QuickTime 02-07-2013 12:52:13 Controlepunt van systeem 03-07-2013 15:53:33 Controlepunt van systeem 04-07-2013 18:30:55 Controlepunt van systeem 05-07-2013 19:43:29 Controlepunt van systeem 07-07-2013 11:35:00 Controlepunt van systeem 08-07-2013 19:05:38 Controlepunt van systeem 10-07-2013 18:55:00 Controlepunt van systeem 11-07-2013 18:56:08 Controlepunt van systeem 12-07-2013 19:48:43 Controlepunt van systeem 14-07-2013 07:45:41 Controlepunt van systeem 15-07-2013 07:55:19 Controlepunt van systeem 16-07-2013 15:51:55 Controlepunt van systeem 18-07-2013 16:06:08 Controlepunt van systeem 19-07-2013 17:00:43 Controlepunt van systeem 21-07-2013 11:27:53 Controlepunt van systeem 22-07-2013 16:18:36 Controlepunt van systeem 23-07-2013 16:31:09 Controlepunt van systeem 24-07-2013 18:16:18 Controlepunt van systeem 26-07-2013 19:14:29 Controlepunt van systeem 28-07-2013 09:55:17 Controlepunt van systeem 30-07-2013 15:51:56 Controlepunt van systeem 31-07-2013 17:07:07 Controlepunt van systeem 01-08-2013 17:38:53 Controlepunt van systeem 02-08-2013 18:41:49 Controlepunt van systeem 06-08-2013 09:28:34 Controlepunt van systeem 08-08-2013 14:43:17 Controlepunt van systeem 12-08-2013 08:58:03 Herstelbewerking 12-08-2013 09:08:39 Herstelbewerking 12-08-2013 09:17:39 Geïnstalleerd ATI Catalyst Control Center 14-08-2013 13:46:51 Controlepunt van systeem 15-08-2013 11:06:51 Removed Java 7 Update 21 15-08-2013 11:07:14 Removed Java(TM) 6 Update 26 15-08-2013 11:09:45 Installed Java 7 Update 25 15-08-2013 13:41:42 Herstelbewerking 16-08-2013 20:18:17 Controlepunt van systeem 17-08-2013 21:23:56 Controlepunt van systeem 19-08-2013 10:24:54 Controlepunt van systeem 20-08-2013 11:44:09 Controlepunt van systeem 21-08-2013 16:25:02 Controlepunt van systeem 22-08-2013 18:12:56 Controlepunt van systeem 24-08-2013 15:13:22 Controlepunt van systeem 26-08-2013 09:16:05 Controlepunt van systeem 26-08-2013 13:32:12 OTL Restore Point - 26-8-2013 15:32:09 27-08-2013 15:25:26 Controlepunt van systeem ==================== Hosts content: ========================== 2008-04-15 14:00 - 2013-08-27 19:04 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: D:\Documenten\Rikie\Thumbs.db:encryptable ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/17/2013 01:11:45 AM) (Source: Application Hang) (User: ) Description: Vastgelopen toepassing: WINWORD.EXE, versie: 11.0.8345.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error: (08/14/2013 02:38:47 PM) (Source: crypt32) (User: ) Description: Het uitpakken van een basislijst uit de cab voor automatische updates is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: Een vereist certificaat valt niet binnen de geldigheidsperiode als gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand. Error: (08/14/2013 02:38:47 PM) (Source: crypt32) (User: ) Description: Het uitpakken van een basislijst uit de cab voor automatische updates is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: Een vereist certificaat valt niet binnen de geldigheidsperiode als gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand. Error: (08/12/2013 11:13:48 AM) (Source: MsiInstaller) (User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error: (08/12/2013 11:13:48 AM) (Source: MsiInstaller) (User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error: (08/12/2013 11:13:47 AM) (Source: MsiInstaller) (User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error: (08/12/2013 11:13:47 AM) (Source: MsiInstaller) (User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder. Error: (06/30/2013 07:49:46 PM) (Source: MsiInstaller) (User: PCBENEDEN) Description: Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan. Error: (06/30/2013 07:49:46 PM) (Source: MsiInstaller) (User: PCBENEDEN) Description: Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan. Error: (06/30/2013 07:49:45 PM) (Source: MsiInstaller) (User: PCBENEDEN) Description: Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan. System errors: ============= Error: (08/27/2013 07:00:24 PM) (Source: Service Control Manager) (User: ) Description: De BrSplService-service heeft een ongeldige status 0 gerapporteerd. Error: (08/26/2013 03:29:32 PM) (Source: Service Control Manager) (User: ) Description: De SoundMAX Agent Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (08/26/2013 03:29:32 PM) (Source: Service Control Manager) (User: ) Description: De Internet Pass-Through Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 1000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (08/26/2013 03:29:32 PM) (Source: Service Control Manager) (User: ) Description: De Nero BackItUp Scheduler 4.0-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 500 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (08/26/2013 03:29:32 PM) (Source: Service Control Manager) (User: ) Description: De LogMeIn-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (08/26/2013 03:29:31 PM) (Source: Service Control Manager) (User: ) Description: De LogMeIn Maintenance Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (08/26/2013 03:29:31 PM) (Source: Service Control Manager) (User: ) Description: De LMIGuardianSvc-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (08/26/2013 03:29:31 PM) (Source: Service Control Manager) (User: ) Description: De LightScribeService Direct Disc Labeling Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (08/26/2013 03:29:30 PM) (Source: Service Control Manager) (User: ) Description: De BrSplService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (08/26/2013 03:29:30 PM) (Source: Service Control Manager) (User: ) Description: De Ati HotKey Poller-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Microsoft Office Sessions: ========================= Error: (08/17/2013 01:11:45 AM) (Source: Application Hang)(User: ) Description: WINWORD.EXE11.0.8345.0hungapp0.0.0.000000000 Error: (08/14/2013 02:38:47 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEen vereist certificaat valt niet binnen de geldigheidsperiode als gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand. Error: (08/14/2013 02:38:47 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEen vereist certificaat valt niet binnen de geldigheidsperiode als gekeken wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand. Error: (08/12/2013 11:13:48 AM) (Source: MsiInstaller)(User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.(NULL)(NULL)(NULL)(NULL) Error: (08/12/2013 11:13:48 AM) (Source: MsiInstaller)(User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.(NULL)(NULL)(NULL)(NULL) Error: (08/12/2013 11:13:47 AM) (Source: MsiInstaller)(User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.(NULL)(NULL)(NULL)(NULL) Error: (08/12/2013 11:13:47 AM) (Source: MsiInstaller)(User: PCBENEDEN) Description: Product: ESET NOD32 Antivirus -- Probleem 1404. Kon sleutel \Software\ESET\ESET Security niet verwijderen. Systeemfout . Neem contact op met uw systeembeheerder.(NULL)(NULL)(NULL)(NULL) Error: (06/30/2013 07:49:46 PM) (Source: MsiInstaller)(User: PCBENEDEN) Description: Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan.(NULL)(NULL)(NULL)(NULL) Error: (06/30/2013 07:49:46 PM) (Source: MsiInstaller)(User: PCBENEDEN) Description: Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan.(NULL)(NULL)(NULL)(NULL) Error: (06/30/2013 07:49:45 PM) (Source: MsiInstaller)(User: PCBENEDEN) Description: Product: QuickTime -- Fout 1500. Er wordt al een andere installatie uitgevoerd. U moet deze installatie voltooien als u door wilt gaan.(NULL)(NULL)(NULL)(NULL) ==================== Memory info =========================== Percentage of memory in use: 35% Total physical RAM: 1022.73 MB Available physical RAM: 661.01 MB Total Pagefile: 2459.2 MB Available Pagefile: 2159.61 MB Total Virtual: 2047.88 MB Available Virtual: 1953.7 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:120 GB) (Free:106.73 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (Documenten) (Fixed) (Total:76.69 GB) (Free:69.16 GB) NTFS Drive e: (Backup) (Fixed) (Total:178.09 GB) (Free:157.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 77 GB) (Disk ID: B3605E91) Partition 1: (Active) - (Size=77 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 298 GB) (Disk ID: 43598D24) Partition 1: (Active) - (Size=120 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Installeer dan nu eerst Avast 8 - de beste gratis antivirussoftware die er is en met zelfs een iets betere virusherkenning dan Eset! http://www.chip.de/downloads/avast-Free-Antivirus_13010163.html [b:fe3d4adf3d]Download[/b:fe3d4adf3d] [img:fe3d4adf3d]http://www.imgdumper.nl/uploads7/51f51523a2765/51f51523a23a0-OTL_Canned_Nieuw.png[/img:fe3d4adf3d] [url=http://oldtimer.geekstogo.com/OTL.exe][b:fe3d4adf3d]OTL.exe[/b:fe3d4adf3d][/url] [b:fe3d4adf3d]Downloadlokatie[/b:fe3d4adf3d]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [b:fe3d4adf3d]Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters![/b:fe3d4adf3d] [b:fe3d4adf3d]OTL.exe gebruiken[/b:fe3d4adf3d]: [b:fe3d4adf3d]Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters![/b:fe3d4adf3d] [list:fe3d4adf3d][*:fe3d4adf3d][b:fe3d4adf3d][color=#0000FF:fe3d4adf3d]Windows 2000[/color:fe3d4adf3d][/b:fe3d4adf3d] en [color=#0000FF:fe3d4adf3d][b:fe3d4adf3d]Windows XP[/b:fe3d4adf3d][/color:fe3d4adf3d]: dubbelklik op [b:fe3d4adf3d]OTL.exe[/b:fe3d4adf3d]. [*:fe3d4adf3d][color=#0000FF:fe3d4adf3d][b:fe3d4adf3d]Windows Vista[/b:fe3d4adf3d][/color:fe3d4adf3d], [color=#0000FF:fe3d4adf3d][b:fe3d4adf3d]Windows 7[/b:fe3d4adf3d][/color:fe3d4adf3d] en [color=#0000FF:fe3d4adf3d][b:fe3d4adf3d]Windows 8[/b:fe3d4adf3d][/color:fe3d4adf3d]: via rechtsklik op [b:fe3d4adf3d]OTL.exe[/b:fe3d4adf3d] en kies voor "Als Administrator uitvoeren".[/list:u:fe3d4adf3d] [list:fe3d4adf3d][*:fe3d4adf3d]Zet een vinkje bij [b:fe3d4adf3d]Scan All Users[/b:fe3d4adf3d], [b:fe3d4adf3d]LOP Check[/b:fe3d4adf3d] en bij [b:fe3d4adf3d]PURITY Check[/b:fe3d4adf3d]. [*:fe3d4adf3d]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:fe3d4adf3d]Klik vervolgens op de knop [img:fe3d4adf3d]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:fe3d4adf3d]. [*:fe3d4adf3d]De scan zal niet heel erg lang duren. [list:fe3d4adf3d][*:fe3d4adf3d]Er zal nu enkel één Kladblok-venster geopend worden wanneer de scan klaar is: [b:fe3d4adf3d]OTL.Txt[/b:fe3d4adf3d]. [*:fe3d4adf3d][b:fe3d4adf3d]Extras.txt[/b:fe3d4adf3d] wordt nu niet meer aangemaakt. [*:fe3d4adf3d]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:fe3d4adf3d][/list:u:fe3d4adf3d] [b:fe3d4adf3d][color=#008000:fe3d4adf3d]Notabene:[/color:fe3d4adf3d][color=#FF0000:fe3d4adf3d] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/color:fe3d4adf3d][/b:fe3d4adf3d] [b:fe3d4adf3d][color=#008000:fe3d4adf3d]Notabene 2:[/color:fe3d4adf3d][color=#FF0000:fe3d4adf3d] Wanneer je een groot log post van bijv. OTL, dan heb je snel de neiging nogmaals op de knop te drukken, omdat het duurt.[/color:fe3d4adf3d][/b:fe3d4adf3d] Doordat de forum software even tijd nodig heeft zo'n groot log klaar te maken kan het dus even duren, voordat je resultaat krijgt en ziet. Heb je dan nogmaals op de nop geklikt, dan wordt het bericht dus nogmaals gepost!
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Done. Pc wordt wel fors trager van Avast... OTL logfile created on: 29-8-2013 17:11:16 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Rikie\Bureaublad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 1022,73 Mb Total Physical Memory | 569,99 Mb Available Physical Memory | 55,73% Memory free 2,40 Gb Paging File | 2,03 Gb Available in Paging File | 84,69% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 120,00 Gb Total Space | 105,90 Gb Free Space | 88,25% Space Free | Partition Type: NTFS Drive D: | 76,69 Gb Total Space | 69,16 Gb Free Space | 90,17% Space Free | Partition Type: NTFS Drive E: | 178,09 Gb Total Space | 157,21 Gb Free Space | 88,28% Space Free | Partition Type: NTFS Computer Name: PCBENEDEN | User Name: Rikie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:09f1ac9b69]========== Processes (SafeList) ==========[/color:09f1ac9b69] PRC - [2013-08-29 17:10:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rikie\Bureaublad\OTL.exe PRC - [2013-06-08 20:36:24 | 000,202,576 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe PRC - [2013-06-08 20:36:05 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe PRC - [2013-05-09 10:58:35 | 006,583,664 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Setup\avast.setup PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-10-08 17:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011-01-11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe PRC - [2011-01-11 19:04:04 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe PRC - [2008-08-29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2008-04-15 14:00:00 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-12-08 17:23:26 | 003,035,136 | ---- | M] (http://atitool.techpowerup.com) -- C:\Program Files\ATITool\ATITool.exe PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717:09f1ac9b69]========== Modules (No Company Name) ==========[/color:09f1ac9b69] MOD - [2013-08-12 11:18:22 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2013-08-12 11:18:22 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2013-08-12 11:18:22 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MOD - [2013-08-12 11:18:22 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,286,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3693.42470__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2013-08-12 11:18:21 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:21 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2013-08-12 11:18:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MOD - [2013-08-12 11:18:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3693.42470__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.dll MOD - [2013-08-12 11:18:20 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Dashboard\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2013-08-12 11:18:20 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:20 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2013-08-12 11:18:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Runtime\2.0.3693.42471__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2013-08-12 11:18:19 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2013-08-12 11:18:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2013-08-12 11:18:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2013-08-12 11:18:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2013-08-12 11:18:19 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2013-08-12 11:18:18 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2013-08-12 11:18:18 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2013-08-12 11:18:18 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2013-08-12 11:18:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2013-08-12 11:18:18 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2013-08-12 11:18:17 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2013-08-12 11:18:17 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2013-08-12 11:18:17 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2013-08-12 11:18:17 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2013-08-12 11:18:17 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2013-08-12 11:18:16 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2013-08-12 11:18:16 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2013-08-12 11:18:16 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MOD - [2013-08-12 11:18:16 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2013-08-12 11:18:16 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2013-08-12 11:18:16 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2013-08-12 11:18:16 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2013-08-12 11:18:16 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2013-08-12 11:18:16 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2013-08-12 11:18:16 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2013-08-12 11:18:16 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2013-08-12 11:18:16 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2013-08-12 11:18:16 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2013-08-12 11:18:16 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2013-08-12 11:18:16 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2013-08-12 11:18:16 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2013-08-12 11:18:15 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2013-08-12 11:18:15 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MOD - [2013-08-12 11:18:15 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MOD - [2013-08-12 11:18:15 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MOD - [2013-08-12 11:18:15 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2013-08-12 11:18:15 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2013-08-12 11:18:15 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MOD - [2013-08-12 11:18:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2013-08-12 11:18:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2013-05-09 10:58:25 | 000,240,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\Setup\setiface.dll MOD - [2013-05-09 10:49:30 | 002,085,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13050900\algo.dll MOD - [2012-10-08 17:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe MOD - [2012-08-06 23:16:51 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012-08-06 23:14:48 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012-08-06 23:06:20 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012-08-06 23:03:28 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012-08-06 23:02:58 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012-08-06 23:00:45 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012-08-06 23:00:22 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012-08-06 22:56:50 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012-08-06 22:56:32 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2011-11-11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2011-11-11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2011-11-11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2011-11-11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2011-11-11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2011-07-24 20:41:15 | 000,446,464 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2011-07-24 20:41:14 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-11-24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007-06-22 00:26:24 | 000,174,592 | ---- | M] () -- C:\Program Files\ATITool\ATIToolHooks.dll [color=#E56717:09f1ac9b69]========== Services (SafeList) ==========[/color:09f1ac9b69] SRV - [2013-08-11 15:24:12 | 000,119,208 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-06-08 20:36:24 | 000,202,576 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint) SRV - [2013-06-08 20:36:05 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012-11-09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-08 17:04:18 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011-01-11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2008-08-29 15:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) [color=#E56717:09f1ac9b69]========== Driver Services (SafeList) ==========[/color:09f1ac9b69] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Rikie\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0ketgo8) DRV - [2013-08-29 16:58:06 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013-08-29 16:58:06 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013-08-29 16:58:06 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013-06-08 20:36:07 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2013-06-02 22:50:31 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2013-05-09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013-05-09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013-05-09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013-05-09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2013-05-09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012-10-08 17:04:18 | 000,021,248 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot) DRV - [2012-01-18 08:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2011-07-24 19:02:52 | 000,682,232 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2011-01-11 19:04:04 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2010-02-11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-06-10 09:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009-05-01 00:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) DRV - [2009-05-01 00:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter) DRV - [2007-12-06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2006-11-10 15:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool) DRV - [2003-10-31 12:22:38 | 000,077,312 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viasraid.sys -- (viasraid) DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1) [color=#E56717:09f1ac9b69]========== Standard Registry (SafeList) ==========[/color:09f1ac9b69] [color=#E56717:09f1ac9b69]========== Internet Explorer ==========[/color:09f1ac9b69] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-790525478-879983540-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:09f1ac9b69]========== FireFox ==========[/color:09f1ac9b69] FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.nl/" FF - prefs.js..extensions.enabledAddons: LogMeInClient%40logmein.com:1.0.0.1024 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-29 16:57:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-08-15 15:41:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-07-23 20:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Extensions [2013-07-31 18:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions [2013-06-22 09:46:43 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions\LogMeInClient@logmein.com [2013-07-31 18:35:45 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-15 15:41:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-08-15 15:41:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-08-17 15:37:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-08-15 13:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions [2013-08-15 13:12:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-08-29 16:57:51 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [color=#E56717:09f1ac9b69]========== Chrome ==========[/color:09f1ac9b69] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.nl/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Google Drive = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: YouTube = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Zoeken = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\Rikie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013-08-27 19:04:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATITool] C:\Program Files\ATITool\ATITool.exe (http://atitool.techpowerup.com) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [PtiuPbmd] C:\WINDOWS\System32\ptipbm.dll (Promise Technology,Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe () O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-790525478-879983540-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-790525478-879983540-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1311443915156 (WUWebControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.35.25 212.54.40.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEF861B3-C2A0-4CDB-A15F-B3B193C142F0}: DhcpNameServer = 212.54.35.25 212.54.40.25 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Rikie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rikie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-23 18:38:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717:09f1ac9b69]========== Files/Folders - Created Within 30 Days ==========[/color:09f1ac9b69] [2013-08-29 17:10:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rikie\Bureaublad\OTL.exe [2013-08-29 16:58:03 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2013-08-29 16:58:03 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2013-08-29 16:58:03 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [2013-08-29 16:58:03 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2013-08-29 16:58:03 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2013-08-29 16:58:03 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2013-08-29 16:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\avast! Free Antivirus [2013-08-29 16:58:02 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2013-08-29 16:57:22 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2013-08-29 16:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013-08-29 16:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2013-08-28 15:02:16 | 000,000,000 | ---D | C] -- C:\FRST [2013-08-27 19:05:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2013-08-27 18:59:17 | 000,000,000 | RHSD | C] -- C:\cmdcons [2013-08-27 18:58:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2013-08-27 18:58:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2013-08-27 18:58:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2013-08-27 18:58:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2013-08-27 18:58:17 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-08-27 18:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt [2013-08-26 15:29:30 | 000,000,000 | ---D | C] -- C:\_OTL [2013-08-22 11:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2013-08-22 11:05:19 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\Rikie\Bureaublad\esetsmartinstaller_enu.exe [2013-08-15 15:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-08-15 15:39:03 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2013-08-15 13:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-08-13 17:47:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013-08-12 13:09:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rikie\Application Data\Malwarebytes [2013-08-12 13:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware [2013-08-12 13:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2013-08-12 13:09:48 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013-08-12 13:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013-08-12 13:02:40 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-08-12 13:02:40 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-08-12 12:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome [2013-08-12 11:57:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2013-08-12 11:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rikie\Local Settings\Application Data\ATI [2013-08-12 11:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rikie\Application Data\ATI [2013-08-12 11:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI [2013-08-12 11:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Catalyst Control Center [color=#E56717:09f1ac9b69]========== Files - Modified Within 30 Days ==========[/color:09f1ac9b69] [2013-08-29 17:10:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rikie\Bureaublad\OTL.exe [2013-08-29 17:03:13 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013-08-29 17:02:53 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-08-29 17:02:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-08-29 16:58:06 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2013-08-29 16:58:06 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2013-08-29 16:58:06 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys [2013-08-29 16:58:06 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum [2013-08-29 16:58:06 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum [2013-08-29 16:58:06 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum [2013-08-29 16:58:03 | 000,002,845 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2013-08-29 16:58:03 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\avast! Free Antivirus.lnk [2013-08-28 18:38:00 | 000,001,042 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-08-28 17:05:12 | 000,003,181 | ---- | M] () -- C:\Documents and Settings\Rikie\intlname.ols [2013-08-27 19:04:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2013-08-27 18:59:20 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2013-08-26 17:00:28 | 000,001,988 | -H-- | M] () -- D:\Documenten\Rikie\Default.rdp [2013-08-22 11:05:19 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\Rikie\Bureaublad\esetsmartinstaller_enu.exe [2013-08-20 16:01:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2013-08-17 15:38:15 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013-08-17 15:38:07 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Firefox.lnk [2013-08-16 16:21:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-08-12 13:09:50 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk [2013-08-12 13:02:40 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-08-12 13:02:40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-08-12 12:53:30 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013-08-05 17:08:30 | 000,002,523 | ---- | M] () -- C:\Documents and Settings\Rikie\Bureaublad\Microsoft Office Word 2003.lnk [color=#E56717:09f1ac9b69]========== Files Created - No Company Name ==========[/color:09f1ac9b69] [2013-08-29 16:58:06 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum [2013-08-29 16:58:06 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum [2013-08-29 16:58:06 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum [2013-08-29 16:58:03 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys [2013-08-29 16:58:03 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys [2013-08-29 16:58:03 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\avast! Free Antivirus.lnk [2013-08-29 16:58:03 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013-08-27 18:59:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2013-08-27 18:59:18 | 000,261,936 | RHS- | C] () -- C:\cmldr [2013-08-27 18:58:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2013-08-27 18:58:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2013-08-27 18:58:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2013-08-27 18:58:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2013-08-27 18:58:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2013-08-12 13:09:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk [2013-08-12 12:33:57 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Rikie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013-08-12 12:33:31 | 000,001,042 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-08-12 12:33:31 | 000,001,038 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-08-06 22:32:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-08-05 17:57:07 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Rikie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-01 20:34:18 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2011-07-25 18:39:25 | 000,003,181 | ---- | C] () -- C:\Documents and Settings\Rikie\intlname.ols [color=#E56717:09f1ac9b69]========== ZeroAccess Check ==========[/color:09f1ac9b69] [2011-07-24 20:39:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 14:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 12:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717:09f1ac9b69]========== LOP Check ==========[/color:09f1ac9b69] [2013-08-29 16:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2013-06-25 11:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HTC [2011-07-24 19:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe [2013-08-29 16:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2013-06-27 14:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer [2013-03-19 21:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rikie\Application Data\Belastingdienst [2012-07-09 21:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rikie\Application Data\ImgBurn [2012-08-01 20:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rikie\Application Data\Leadertech [color=#E56717:09f1ac9b69]========== Purity Check ==========[/color:09f1ac9b69] < End of report >
Link naar reactie
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
ComboFix 13-08-31.01 - Rikie 01-09-2013 20:03:00.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.585 [GMT 2:00] Gestart vanuit: c:\documents and settings\Rikie\Bureaublad\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((( Bestanden Gemaakt van 2013-08-01 to 2013-09-01 )))))))))))))))))))))))))))))) . . 2013-08-29 14:58 . 2013-08-29 14:58 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-08-29 14:58 . 2013-08-29 14:58 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-08-29 14:58 . 2013-08-29 14:58 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-08-29 14:58 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-08-29 14:58 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-08-29 14:58 . 2013-05-09 08:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-08-29 14:58 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2013-08-29 14:58 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-08-29 14:58 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe 2013-08-29 14:57 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr 2013-08-29 14:56 . 2013-08-29 14:56 -------- d-----w- c:\program files\AVAST Software 2013-08-29 14:55 . 2013-08-29 14:56 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software 2013-08-28 13:02 . 2013-08-28 13:02 -------- d-----w- C:\FRST 2013-08-26 13:29 . 2013-08-26 13:29 -------- d-----w- C:\_OTL 2013-08-22 09:05 . 2013-08-22 09:05 -------- d-----w- c:\program files\ESET 2013-08-15 13:42 . 2013-08-15 13:42 -------- d-----w- c:\windows\system32\wbem\Repository 2013-08-15 13:39 . 2013-08-15 13:39 -------- d-----w- C:\TDSSKiller_Quarantine 2013-08-15 11:10 . 2013-08-15 11:10 -------- d-----w- c:\program files\Common Files\Java 2013-08-13 15:47 . 2013-08-13 15:47 -------- d-----w- c:\windows\ERUNT 2013-08-12 11:09 . 2013-08-12 11:09 -------- d-----w- c:\documents and settings\Rikie\Application Data\Malwarebytes 2013-08-12 11:09 . 2013-08-12 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2013-08-12 11:09 . 2013-08-12 11:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-12 11:09 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-12 11:02 . 2013-08-12 11:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-08-12 11:02 . 2013-08-12 11:02 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-08-12 09:57 . 2013-08-12 09:57 -------- d-----w- c:\windows\system32\Macromed 2013-08-12 09:19 . 2013-08-12 09:19 -------- d-----w- c:\documents and settings\Rikie\Local Settings\Application Data\ATI 2013-08-12 09:19 . 2013-08-12 09:19 -------- d-----w- c:\documents and settings\Rikie\Application Data\ATI 2013-08-12 09:19 . 2013-08-12 09:19 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI 2013-08-12 09:17 . 2013-08-12 09:17 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll 2013-08-12 09:17 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll 2013-08-12 09:17 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll 2013-08-12 09:17 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll 2013-08-12 09:17 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll 2013-08-12 09:17 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe 2013-08-12 09:17 . 2013-08-12 09:17 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-08 18:36 . 2011-07-24 17:21 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2013-06-08 18:36 . 2011-07-24 17:21 53064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll 2013-06-08 18:36 . 2011-07-24 17:21 31560 ----a-w- c:\windows\system32\LMIport.dll 2013-06-08 18:36 . 2011-07-24 17:20 92488 ----a-w- c:\windows\system32\LMIinit.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2011-07-23 . 497BEF5C5FAD126CA16437C1682F64EA . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATITool"="c:\program files\ATITool\ATITool.exe" [2006-12-08 3035136] "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2011-01-11 63048] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "PtiuPbmd"="ptipbm.dll" [2003-01-15 24576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2012-01-18 465944] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Statusvenster.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe Brother DCP-115C /STARTUP [2011-7-24 802816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 2013-06-08 18:36 92488 ----a-w- c:\windows\system32\LMIinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] 2005-07-19 10:36 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] 2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-03-21 18:56 1230704 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-06-09 08:16 2363392 -c--a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"= "c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [29-8-2013 16:58 49376] R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [29-8-2013 16:58 175176] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24-7-2011 19:02 682232] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [23-7-2011 18:11 77312] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29-8-2013 16:58 770344] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29-8-2013 16:58 369584] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29-8-2013 16:58 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [29-8-2013 16:58 66336] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [6-7-2011 16:32 375120] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11-1-2011 19:04 13624] R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [8-10-2012 17:04 166912] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9-11-2012 12:21 160944] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [25-6-2013 11:19 24576] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [8-10-2012 17:04 21248] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-31 08:38 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-08-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2013-09-01 c:\windows\Tasks\avast! Emergency Update.job - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-29 08:58] . 2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 10:33] . 2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 10:33] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.35.25 212.54.40.25 FF - ProfilePath - c:\documents and settings\Rikie\Application Data\Mozilla\Firefox\Profiles\s7l43y5d.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - ExtSQL: 2013-08-29 16:57; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-09-01 20:09 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info] @Denied: (2) (LocalSystem) @SACL= "AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\" "DataDir"="ESET\\ESET NOD32 Antivirus\\" "EditionName"=" " "InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\" "LanguageId"=dword:00000413 "PackageTag"=dword:6090e758 "ProductBase"=dword:00000000 "ProductCode"="{C8867FA8-526F-4C5A-BCE4-1FB33B637A9B}" "ProductName"="ESET NOD32 Antivirus" "ProductType"="eav" "ProductVersion"="4.2.64.12" "UniqueId"="0002C72E4E2C6BE5" "ScannerBuild"=dword:00001dd3 "ScannerVersionId"=dword:000014f0 "ScannerVersion"="Locked/open ESET for status." . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–¤|ÿÿÿÿ¤•¤|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(812) c:\windows\system32\Ati2evxx.dll c:\windows\system32\LMIinit.dll c:\windows\system32\LMIRfsClientNP.dll . - - - - - - - > 'explorer.exe'(3232) c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2013-09-01 20:10:59 ComboFix-quarantined-files.txt 2013-09-01 18:10 ComboFix2.txt 2013-08-27 17:05 . Pre-Run: 112.946.573.312 bytes beschikbaar Post-Run: 112.951.980.032 bytes beschikbaar . - - End Of File - - 8FFA1BD956824DC3BE5D733F27E2A408 3051207086651214E435112E51817DC5 [b:b4e029e245]Ter info: ik vertrek morgenmiddag voor 3 maanden naar het buitenland. Het kan dus zijn dat ik een tijd niet reageer, maar ik zal na terugkomst dit topic weer oppakken. Het moet tenslotte opgelost worden... Voor zover bedankt voor de hulp![/b:b4e029e245]
Link naar reactie

Om een reactie te plaatsen, moet je eerst inloggen

Gast
Reageer op dit topic

×   Geplakt als verrijkte tekst.   Herstel opmaak

  Er zijn maximaal 75 emoji toegestaan.

×   Je link werd automatisch ingevoegd.   Tonen als normale link

×   Je vorige inhoud werd hersteld.   Leeg de tekstverwerker

×   Je kunt afbeeldingen niet direct plakken. Upload of voeg afbeeldingen vanaf een URL in

×
Ga naar topic overzicht
×
×
  • Nieuwe aanmaken...