youssie070

Lid

Bekijk profiel Bekijk hun activiteit

Items
46
Registratiedatum
21 januari 2012
Laatst bezocht
26 maart 2012

Inhoudstype

Alle activiteit

Profielen

Forums

Store

Product Reviews

Alles dat geplaatst werd door youssie070

Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

harstikke bedankt de probleem is verholpen maar ik vind dat de pc nu een beetje traag opstart kan dat aan de programma's liggen die ik heb gedownload??
- 24 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

Logfile of random's system information tool 1.09 (written by random/random) Run by Manuela at 2012-01-24 14:29:00 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 416 GB (90%) free of 463 GB Total RAM: 3956 MB (64% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:29:03, on 24-1-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Manuela.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9802 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job C:\Windows\tasks\HP Photo Creations Communicator.job C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512] "EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] "AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2010-11-20 229376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.siren"=sirenacm.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2012-01-24 14:24:27 ----SHD---- C:\$RECYCLE.BIN 2012-01-24 14:23:19 ----A---- C:\ComboFix.txt 2012-01-24 12:52:25 ----A---- C:\Windows\NIRCMD.exe 2012-01-23 12:09:38 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.09.38_log.txt 2012-01-23 12:08:36 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.08.36_log.txt 2012-01-23 12:06:28 ----D---- C:\Users\Manuela\AppData\Roaming\WinRAR 2012-01-23 12:06:19 ----D---- C:\Program Files (x86)\WinRAR 2012-01-22 12:57:11 ----A---- C:\Windows\zip.exe 2012-01-22 12:57:11 ----A---- C:\Windows\SWSC.exe 2012-01-22 12:57:11 ----A---- C:\Windows\SWREG.exe 2012-01-22 12:57:11 ----A---- C:\Windows\sed.exe 2012-01-22 12:57:11 ----A---- C:\Windows\PEV.exe 2012-01-22 12:57:11 ----A---- C:\Windows\MBR.exe 2012-01-22 12:57:11 ----A---- C:\Windows\grep.exe 2012-01-22 12:57:02 ----D---- C:\Windows\ERDNT 2012-01-22 12:56:56 ----D---- C:\Qoobox 2012-01-21 21:41:39 ----D---- C:\rsit 2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro 2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes 2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations 2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations 2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 15:06:55 ----D---- C:\ProgramData\HP 2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP 2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll 2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll 2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp 2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx 2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium 2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate 2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp 2012-01-12 21:25:50 ----D---- C:\ProgramData\hps 2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll 2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll 2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll 2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll ======List of files/folders modified in the last 1 month====== 2012-01-24 14:29:02 ----D---- C:\Windows\Temp 2012-01-24 14:15:39 ----D---- C:\Windows 2012-01-24 14:15:39 ----A---- C:\Windows\system.ini 2012-01-24 14:13:48 ----A---- C:\Windows\SysWOW64\log.txt 2012-01-24 14:11:53 ----RD---- C:\Program Files (x86) 2012-01-24 14:11:53 ----D---- C:\ProgramData 2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64\drivers 2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64 2012-01-24 14:08:00 ----D---- C:\Windows\System32 2012-01-24 14:08:00 ----D---- C:\Windows\AppPatch 2012-01-24 14:07:56 ----D---- C:\Program Files (x86)\Common Files 2012-01-24 12:51:27 ----SHD---- C:\System Volume Information 2012-01-23 20:45:56 ----D---- C:\Windows\inf 2012-01-23 00:21:25 ----SD---- C:\ProgramData\Microsoft 2012-01-22 21:43:39 ----SHD---- C:\Windows\Installer 2012-01-22 21:43:38 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft 2012-01-22 20:18:34 ----D---- C:\Users\Manuela\AppData\Roaming\Liteon 2012-01-21 15:29:55 ----D---- C:\Windows\Tasks 2012-01-21 15:06:32 ----D---- C:\Windows\twain_32 2012-01-21 15:06:07 ----RD---- C:\Program Files 2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET 2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly 2012-01-21 10:36:44 ----D---- C:\Windows\winsxs 2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX 2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX 2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX 2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google 2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft 2012-01-12 22:02:18 ----D---- C:\Windows\ehome 2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help 2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration 2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] -----------------EOF-----------------
- 24 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

ComboFix 12-01-23.02 - Manuela 24-01-2012 14:04:43.4.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2532 [GMT 1:00] Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Manuela\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "C:\user.js" "c:\windows\msdownld.tmp" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\BrowserCompanion c:\program files (x86)\BrowserCompanion\BCHelper.exe c:\program files (x86)\BrowserCompanion\blabbers-ch.crx c:\program files (x86)\BrowserCompanion\logo.ico c:\program files (x86)\Conduit c:\program files (x86)\Conduit\Community Alerts\Alert.dll c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.bitness.log c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.data.log c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.elements.log c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.weight.log c:\programdata\Babylon C:\user.js c:\users\Manuela\AppData\Local\Babylon c:\users\Manuela\AppData\Local\Babylon\Setup\bab033.tbinst.dat c:\users\Manuela\AppData\Local\Babylon\Setup\bab091.norecovericon.dat c:\users\Manuela\AppData\Local\Babylon\Setup\Babylon.dat c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\common.js c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\eula.html c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2.css c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2.html c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2.js c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2Lrg.css c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page9.html c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\pBar.gif c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\title2.png c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\toolBar.jpg c:\users\Manuela\AppData\Local\Babylon\Setup\Setup-tbmntr903-9.0.3.19.zpb c:\users\Manuela\AppData\Local\Babylon\Setup\Setup.exe c:\users\Manuela\AppData\Local\Babylon\Setup\SetupStrings.dat c:\users\Manuela\AppData\Local\Babylon\Setup\sqlite3.dll c:\users\Manuela\AppData\Local\Conduit c:\users\Manuela\AppData\Roaming\Babylon c:\users\Manuela\AppData\Roaming\Babylon\log_file.txt . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-24 to 2012-01-24 )))))))))))))))))))))))))))))) . . 2012-01-24 13:12 . 2012-01-24 13:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-24 11:51 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ACC7CB0D-8D75-419D-930E-21CBF06D9683}\mpengine.dll 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP 2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP 2012-01-21 14:05 . 2012-01-22 23:17 -------- d-----w- c:\users\Manuela\AppData\Local\HP 2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics 2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware 2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc 2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll 2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp 2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium 2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate 2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp 2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps 2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice 2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll 2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll 2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll 2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll 2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll 2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-24 04:52 . 2011-12-23 19:39 3145216 ----a-w- c:\windows\system32\win32k.sys 2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-11-05 05:41 . 2011-12-23 19:40 1188864 ----a-w- c:\windows\system32\wininet.dll 2011-11-05 05:32 . 2011-12-23 19:39 2048 ----a-w- c:\windows\system32\tzres.dll 2011-11-05 04:35 . 2011-12-23 19:40 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2011-11-05 04:26 . 2011-12-23 19:39 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2011-11-05 03:32 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-11-05 02:48 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb . . ((((((((((((((((((((((((((((( SnapShot@2012-01-22_12.11.55 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-01-24 13:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-01-24 13:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-01-22 12:09 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-01-24 13:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-05-06 23:22 . 2012-01-24 13:16 60510 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-01-24 13:16 49596 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-02-12 16:07 . 2012-01-24 13:16 14790 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1300219434-4275829345-324095623-1000_UserData.bin + 2010-11-16 23:48 . 2010-11-16 23:48 42344 c:\windows\system32\spool\drivers\x64\3\hpvplui04.dll + 2009-07-14 05:30 . 2012-01-23 19:46 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 2012-01-21 14:06 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 00:35 . 2009-07-14 00:35 41984 c:\windows\system32\drivers\usbscan.sys + 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-01-22 23:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-01-21 09:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-01-22 23:21 . 2012-01-24 12:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-01-22 23:21 . 2012-01-24 12:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2012-01-22 23:21 . 2012-01-24 12:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-02-12 16:09 . 2012-01-24 12:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-02-12 16:09 . 2012-01-24 12:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-01-22 23:20 . 2012-01-22 23:20 9560 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_48.bin + 2012-01-22 23:20 . 2012-01-22 23:20 4280 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_32.bin + 2012-01-22 23:20 . 2012-01-22 23:20 2456 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_24.bin - 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-01-24 13:13 . 2012-01-24 13:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-01-24 13:13 . 2012-01-24 13:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-02-12 16:44 . 2012-01-23 19:06 234418 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2010-11-16 23:48 . 2010-11-16 23:48 220520 c:\windows\system32\spool\drivers\x64\3\hpvplres04.dll + 2010-11-16 23:48 . 2010-11-16 23:48 538472 c:\windows\system32\spool\drivers\x64\3\hpvpldrv04.dll + 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\spool\drivers\x64\3\hpinksts8711LM.dll + 2010-11-16 23:48 . 2010-11-16 23:48 306024 c:\windows\system32\spool\drivers\x64\3\hpinksts8711.dll + 2010-11-16 23:48 . 2010-11-16 23:48 518504 c:\windows\system32\spool\drivers\x64\3\hpfime51.dll + 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\hpinksts8711LM.dll + 2010-11-16 23:48 . 2010-11-16 23:48 274792 c:\windows\system32\hpinkcoi8711.dll + 2009-07-14 05:30 . 2012-01-23 19:46 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2012-01-21 14:06 143360 c:\windows\system32\DriverStore\infstrng.dat + 2012-01-22 23:21 . 2012-01-22 23:21 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2009-07-14 05:01 . 2012-01-22 12:08 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-01-24 13:12 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-11-16 23:48 . 2010-11-16 23:48 2591080 c:\windows\system32\HPScanMiniDrv_DJ2050_510g.dll + 2012-01-22 20:42 . 2012-01-22 20:42 1402880 c:\windows\Installer\512acb.msi . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-24 c:\windows\Tasks\HP Photo Creations Communicator.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29] . 2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job - c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584] "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893 mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-01-24 14:23:17 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-24 13:23 ComboFix2.txt 2012-01-24 12:15 ComboFix3.txt 2012-01-22 14:27 ComboFix4.txt 2012-01-22 12:23 . Pre-Run: 435.864.850.432 bytes beschikbaar Post-Run: 435.805.491.200 bytes beschikbaar . - - End Of File - - 5FFFD59B929A1FB6ABEB479A35AD2C73 ---------- Post toegevoegd om 14:30 ---------- Vorige post was om 14:28 ---------- Logfile of random's system information tool 1.09 (written by random/random) Run by Manuela at 2012-01-24 14:29:00 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 416 GB (90%) free of 463 GB Total RAM: 3956 MB (64% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:29:03, on 24-1-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Manuela.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9802 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job C:\Windows\tasks\HP Photo Creations Communicator.job C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512] "EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] "AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2010-11-20 229376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.siren"=sirenacm.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2012-01-24 14:24:27 ----SHD---- C:\$RECYCLE.BIN 2012-01-24 14:23:19 ----A---- C:\ComboFix.txt 2012-01-24 12:52:25 ----A---- C:\Windows\NIRCMD.exe 2012-01-23 12:09:38 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.09.38_log.txt 2012-01-23 12:08:36 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.08.36_log.txt 2012-01-23 12:06:28 ----D---- C:\Users\Manuela\AppData\Roaming\WinRAR 2012-01-23 12:06:19 ----D---- C:\Program Files (x86)\WinRAR 2012-01-22 12:57:11 ----A---- C:\Windows\zip.exe 2012-01-22 12:57:11 ----A---- C:\Windows\SWSC.exe 2012-01-22 12:57:11 ----A---- C:\Windows\SWREG.exe 2012-01-22 12:57:11 ----A---- C:\Windows\sed.exe 2012-01-22 12:57:11 ----A---- C:\Windows\PEV.exe 2012-01-22 12:57:11 ----A---- C:\Windows\MBR.exe 2012-01-22 12:57:11 ----A---- C:\Windows\grep.exe 2012-01-22 12:57:02 ----D---- C:\Windows\ERDNT 2012-01-22 12:56:56 ----D---- C:\Qoobox 2012-01-21 21:41:39 ----D---- C:\rsit 2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro 2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes 2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations 2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations 2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 15:06:55 ----D---- C:\ProgramData\HP 2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP 2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll 2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll 2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp 2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx 2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium 2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate 2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp 2012-01-12 21:25:50 ----D---- C:\ProgramData\hps 2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll 2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll 2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll 2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll ======List of files/folders modified in the last 1 month====== 2012-01-24 14:29:02 ----D---- C:\Windows\Temp 2012-01-24 14:15:39 ----D---- C:\Windows 2012-01-24 14:15:39 ----A---- C:\Windows\system.ini 2012-01-24 14:13:48 ----A---- C:\Windows\SysWOW64\log.txt 2012-01-24 14:11:53 ----RD---- C:\Program Files (x86) 2012-01-24 14:11:53 ----D---- C:\ProgramData 2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64\drivers 2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64 2012-01-24 14:08:00 ----D---- C:\Windows\System32 2012-01-24 14:08:00 ----D---- C:\Windows\AppPatch 2012-01-24 14:07:56 ----D---- C:\Program Files (x86)\Common Files 2012-01-24 12:51:27 ----SHD---- C:\System Volume Information 2012-01-23 20:45:56 ----D---- C:\Windows\inf 2012-01-23 00:21:25 ----SD---- C:\ProgramData\Microsoft 2012-01-22 21:43:39 ----SHD---- C:\Windows\Installer 2012-01-22 21:43:38 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft 2012-01-22 20:18:34 ----D---- C:\Users\Manuela\AppData\Roaming\Liteon 2012-01-21 15:29:55 ----D---- C:\Windows\Tasks 2012-01-21 15:06:32 ----D---- C:\Windows\twain_32 2012-01-21 15:06:07 ----RD---- C:\Program Files 2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET 2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly 2012-01-21 10:36:44 ----D---- C:\Windows\winsxs 2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX 2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX 2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX 2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google 2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft 2012-01-12 22:02:18 ----D---- C:\Windows\ehome 2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help 2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration 2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] -----------------EOF-----------------
- 24 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

ComboFix 12-01-23.02 - Manuela 24-01-2012 12:53:31.3.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2447 [GMT 1:00] Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-24 to 2012-01-24 )))))))))))))))))))))))))))))) . . 2012-01-24 12:01 . 2012-01-24 12:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-24 11:51 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ACC7CB0D-8D75-419D-930E-21CBF06D9683}\mpengine.dll 2012-01-22 20:43 . 2012-01-22 20:43 388096 ----a-r- c:\users\Manuela\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-22 15:28 . 2012-01-22 15:28 -------- d-----w- c:\program files (x86)\Conduit 2012-01-22 15:28 . 2012-01-22 15:31 -------- d-----w- c:\users\Manuela\AppData\Local\Conduit 2012-01-21 20:41 . 2012-01-21 20:41 -------- d-----w- C:\rsit 2012-01-21 20:14 . 2012-01-22 20:43 -------- d-----w- c:\program files (x86)\Trend Micro 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP 2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP 2012-01-21 14:05 . 2012-01-22 23:17 -------- d-----w- c:\users\Manuela\AppData\Local\HP 2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics 2012-01-14 13:10 . 2012-01-14 13:10 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware 2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc 2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll 2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp 2012-01-13 14:42 . 2012-01-13 14:42 237 ----a-w- C:\user.js 2012-01-13 14:42 . 2012-01-13 14:48 -------- d-----w- c:\program files (x86)\BrowserCompanion 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Local\Babylon 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Roaming\Babylon 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\programdata\Babylon 2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium 2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate 2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp 2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps 2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice 2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll 2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll 2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll 2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll 2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll 2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-24 04:52 . 2011-12-23 19:39 3145216 ----a-w- c:\windows\system32\win32k.sys 2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-11-05 05:41 . 2011-12-23 19:40 1188864 ----a-w- c:\windows\system32\wininet.dll 2011-11-05 05:32 . 2011-12-23 19:39 2048 ----a-w- c:\windows\system32\tzres.dll 2011-11-05 04:35 . 2011-12-23 19:40 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2011-11-05 04:26 . 2011-12-23 19:39 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2011-11-05 03:32 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-11-05 02:48 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb . . ((((((((((((((((((((((((((((( SnapShot@2012-01-22_12.11.55 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-01-24 12:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-01-24 12:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-01-22 12:09 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-01-24 12:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-05-06 23:22 . 2012-01-24 12:04 60240 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-01-24 12:04 49596 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-02-12 16:07 . 2012-01-24 12:04 14766 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1300219434-4275829345-324095623-1000_UserData.bin + 2010-11-16 23:48 . 2010-11-16 23:48 42344 c:\windows\system32\spool\drivers\x64\3\hpvplui04.dll + 2009-07-14 05:30 . 2012-01-23 19:46 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 2012-01-21 14:06 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-14 00:35 . 2009-07-14 00:35 41984 c:\windows\system32\drivers\usbscan.sys + 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-01-22 23:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-01-21 09:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-01-22 23:21 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-01-22 23:21 . 2012-01-24 11:47 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2012-01-22 23:21 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-02-12 16:09 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-02-12 16:09 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-01-22 23:20 . 2012-01-22 23:20 9560 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_48.bin + 2012-01-22 23:20 . 2012-01-22 23:20 4280 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_32.bin + 2012-01-22 23:20 . 2012-01-22 23:20 2456 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_24.bin - 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-01-24 12:02 . 2012-01-24 12:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-01-24 12:02 . 2012-01-24 12:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-02-12 16:44 . 2012-01-23 19:06 234418 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2010-11-16 23:48 . 2010-11-16 23:48 220520 c:\windows\system32\spool\drivers\x64\3\hpvplres04.dll + 2010-11-16 23:48 . 2010-11-16 23:48 538472 c:\windows\system32\spool\drivers\x64\3\hpvpldrv04.dll + 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\spool\drivers\x64\3\hpinksts8711LM.dll + 2010-11-16 23:48 . 2010-11-16 23:48 306024 c:\windows\system32\spool\drivers\x64\3\hpinksts8711.dll + 2010-11-16 23:48 . 2010-11-16 23:48 518504 c:\windows\system32\spool\drivers\x64\3\hpfime51.dll + 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\hpinksts8711LM.dll + 2010-11-16 23:48 . 2010-11-16 23:48 274792 c:\windows\system32\hpinkcoi8711.dll + 2009-07-14 05:30 . 2012-01-23 19:46 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2012-01-21 14:06 143360 c:\windows\system32\DriverStore\infstrng.dat + 2012-01-22 23:21 . 2012-01-22 23:21 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2009-07-14 05:01 . 2012-01-22 12:08 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-01-24 12:01 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-11-16 23:48 . 2010-11-16 23:48 2591080 c:\windows\system32\HPScanMiniDrv_DJ2050_510g.dll + 2012-01-22 20:42 . 2012-01-22 20:42 1402880 c:\windows\Installer\512acb.msi . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Browser companion helper"="c:\program files (x86)\BrowserCompanion\BCHelper.exe" [2011-12-16 187696] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-24 c:\windows\Tasks\HP Photo Creations Communicator.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29] . 2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job - c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584] "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216] . ------- Bijkomende Scan ------- . uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101241&mntrId=a43664880000000000005cac4c691c22 uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893 mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58 . - - - - ORPHANS VERWIJDERD - - - - . URLSearchHooks-{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-WinRAR archiver - c:\program files (x86)\WinRAR\uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-01-24 13:15:00 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-24 12:14 ComboFix2.txt 2012-01-22 14:27 ComboFix3.txt 2012-01-22 12:23 . Pre-Run: 436.154.814.464 bytes beschikbaar Post-Run: 435.983.556.608 bytes beschikbaar . - - End Of File - - E7F9A8D95E3184525A1CFC1B5E1DA97B
- 24 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

Emsisoft Emergency Kit - Versie 1.0 Laatste Update: 1/23/2012 10:10:51 PM Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, Sporen, Cookies, C:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 1/23/2012 10:11:22 PM C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@bs.serving-sys[1].txt Ontdekt: Trace.TrackingCookie.bs.serving-sys!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@doubleclick[1].txt Ontdekt: Trace.TrackingCookie.doubleclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@serving-sys[2].txt Ontdekt: Trace.TrackingCookie.serving-sys!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@weborama[1].txt Ontdekt: Trace.TrackingCookie.weborama!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@2o7[1].txt Ontdekt: Trace.TrackingCookie.2o7!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@adviva[1].txt Ontdekt: Trace.TrackingCookie.adviva!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@bs.serving-sys[1].txt Ontdekt: Trace.TrackingCookie.bs.serving-sys!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@doubleclick[2].txt Ontdekt: Trace.TrackingCookie.doubleclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@fastclick[1].txt Ontdekt: Trace.TrackingCookie.fastclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@mediaplex[1].txt Ontdekt: Trace.TrackingCookie.mediaplex!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@serving-sys[2].txt Ontdekt: Trace.TrackingCookie.serving-sys!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@specificclick[1].txt Ontdekt: Trace.TrackingCookie.specificclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@statcounter[1].txt Ontdekt: Trace.TrackingCookie.statcounter!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@tradedoubler[2].txt Ontdekt: Trace.TrackingCookie.tradedoubler!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@weborama[1].txt Ontdekt: Trace.TrackingCookie.weborama!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1299881584581000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1299961569368001 Ontdekt: Trace.TrackingCookie.adserv!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016303250000 Ontdekt: Trace.TrackingCookie.zedo.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016303250001 Ontdekt: Trace.TrackingCookie.zedo.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016434602000 Ontdekt: Trace.TrackingCookie.tribalfusion.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016435721000 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300017562373000 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300019123020000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300019152948000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300022402861000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300022402861001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300028186269002 Ontdekt: Trace.TrackingCookie.www.kdukvh.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300028215785001 Ontdekt: Trace.TrackingCookie.adfarm1.adition.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300031553721000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300050353545000 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300102989989000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300102989990000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300102996978000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300103046463000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300204481412000 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300211131782000 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300211131782001 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300272021322000 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300273303938000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300273692850000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300287861344000 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300311314935001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300493499312000 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300493544275000 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300561110645000 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300561110646000 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571056187000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571927257000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571927257001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571931396000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571974321000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300822371364000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300822378899000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300822734226000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300823100729000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300823161632000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300828380930000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300833872569000 Ontdekt: Trace.TrackingCookie.ad.adition.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300833872569001 Ontdekt: Trace.TrackingCookie.ad.adition.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301133310188000 Ontdekt: Trace.TrackingCookie.d2.advertserve.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301265202604000 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301303166394000 Ontdekt: Trace.TrackingCookie.stat.active24stats.nl!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301303166395000 Ontdekt: Trace.TrackingCookie.stat.active24stats.nl!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301351051577000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301409335141000 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301502395570000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301751310363000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301751310363001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301751310385000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301755089320000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301858178662000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301858178662001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302200656403000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302283919595001 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302283919595002 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302285301498000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302361956146000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302365386899000 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302444091440000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302444091440001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302444188270000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302447734628000 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302450433442005 Ontdekt: Trace.TrackingCookie.d1.openx.org!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302450433442006 Ontdekt: Trace.TrackingCookie.d1.openx.org!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302457846945000 Ontdekt: Trace.TrackingCookie.ilead.itrack.it!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302519672421000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302519769081000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302522841906000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302522866245000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543420107001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543420107002 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543538424000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543538424001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556574283000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556621652000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556644363000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303678972735000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303678972735001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303727816637000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303727816637001 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303854674600000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304078376983000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304366225997000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304750435275001 Ontdekt: Trace.TrackingCookie.www.belstat.be!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305484512814000 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605575212 Ontdekt: Trace.TrackingCookie.myspace.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580118 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580149 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580150 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605584837 Ontdekt: Trace.TrackingCookie.ndparking.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605585726 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605585728 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605592659 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605596093 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605596382 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605600630 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605601680 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605602033 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605604136 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605604289 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605604535 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605606072 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605606313 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605611157 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605611882 Ontdekt: Trace.TrackingCookie.m.webtrends.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605615261 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617580 Ontdekt: Trace.TrackingCookie.ad.zanox.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617593 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617594 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617595 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617833 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617834 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618652 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618653 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605621497 Ontdekt: Trace.TrackingCookie.www.ndparking.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623364 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623421 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623433 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623508 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605624202 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605629116 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630152 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630162 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630163 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630550 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630595 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630596 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630597 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630600 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605632611 Ontdekt: Trace.TrackingCookie.ilead.itrack.it!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605633499 Ontdekt: Trace.TrackingCookie.adserv!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605635306 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605635312 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605640607 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641780 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641787 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641814 Ontdekt: Trace.TrackingCookie.d1.openx.org!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641815 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641839 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641881 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641946 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641976 Ontdekt: Trace.TrackingCookie.www.ndparking.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641977 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605642003 Ontdekt: Trace.TrackingCookie.cms!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605643738 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644750 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644785 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644798 Ontdekt: Trace.TrackingCookie.statse.webtrendslive!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644855 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644873 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605645593 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647738 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647739 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647978 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656051 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656078 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656079 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656215 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2 C:\Program Files (x86)\WinRAR\Uninstall.exe Ontdekt: Backdoor.Win32.Hupigon!IK C:\Users\Manuela\Downloads\wrar410nl.exe/Uninstall.exe Ontdekt: Backdoor.Win32.Hupigon!IK Gescand Bestanden: 287672 Sporen: 404020 Cookies: 3195 Processen: 79 Gevonden Bestanden: 2 Sporen: 0 Cookies: 198 Processen: 0 Registersleutels: 0 Scan Geëindigd: 1/24/2012 12:31:31 AM Scantijd: 2:20:09 C:\Program Files (x86)\WinRAR\Uninstall.exe Verwijderd Backdoor.Win32.Hupigon!IK C:\Users\Manuela\Downloads\wrar410nl.exe/Uninstall.exe Verwijderd Backdoor.Win32.Hupigon!IK C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644798 Verwijderd Trace.TrackingCookie.statse.webtrendslive!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605642003 Verwijderd Trace.TrackingCookie.cms!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630595 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630596 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630597 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630600 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605621497 Verwijderd Trace.TrackingCookie.www.ndparking.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641976 Verwijderd Trace.TrackingCookie.www.ndparking.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617580 Verwijderd Trace.TrackingCookie.ad.zanox.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605611882 Verwijderd Trace.TrackingCookie.m.webtrends.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605601680 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605602033 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605604136 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605604289 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605604535 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605606072 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605606313 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605615261 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623364 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623421 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623433 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623508 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605629116 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630152 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605635306 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605635312 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605640607 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641780 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641787 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641815 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641839 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641881 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641946 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641977 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605643738 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644750 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644785 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644855 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644873 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605645593 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647978 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656215 Verwijderd Trace.TrackingCookie.www.googleadservices.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605596093 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605600630 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605624202 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647738 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647739 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656078 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656079 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605592659 Verwijderd Trace.TrackingCookie.doubleclick.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630550 Verwijderd Trace.TrackingCookie.doubleclick.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605584837 Verwijderd Trace.TrackingCookie.ndparking.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605575212 Verwijderd Trace.TrackingCookie.myspace.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304750435275001 Verwijderd Trace.TrackingCookie.www.belstat.be!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302457846945000 Verwijderd Trace.TrackingCookie.ilead.itrack.it!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605632611 Verwijderd Trace.TrackingCookie.ilead.itrack.it!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302450433442005 Verwijderd Trace.TrackingCookie.d1.openx.org!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302450433442006 Verwijderd Trace.TrackingCookie.d1.openx.org!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641814 Verwijderd Trace.TrackingCookie.d1.openx.org!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301303166394000 Verwijderd Trace.TrackingCookie.stat.active24stats.nl!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301303166395000 Verwijderd Trace.TrackingCookie.stat.active24stats.nl!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301133310188000 Verwijderd Trace.TrackingCookie.d2.advertserve.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300833872569000 Verwijderd Trace.TrackingCookie.ad.adition.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300833872569001 Verwijderd Trace.TrackingCookie.ad.adition.net!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300211131782000 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300211131782001 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300272021322000 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300493499312000 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300493544275000 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301265202604000 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302365386899000 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302447734628000 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580118 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300204481412000 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300287861344000 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301409335141000 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656051 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300028215785001 Verwijderd Trace.TrackingCookie.adfarm1.adition.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300028186269002 Verwijderd Trace.TrackingCookie.www.kdukvh.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300017562373000 Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302283919595001 Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302283919595002 Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605611157 Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617593 Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617594 Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617595 Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016435721000 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300050353545000 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300561110645000 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300561110646000 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605585726 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605585728 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016434602000 Verwijderd Trace.TrackingCookie.tribalfusion.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016303250000 Verwijderd Trace.TrackingCookie.zedo.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300016303250001 Verwijderd Trace.TrackingCookie.zedo.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1299961569368001 Verwijderd Trace.TrackingCookie.adserv!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605633499 Verwijderd Trace.TrackingCookie.adserv!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1299881584581000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300019123020000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300019152948000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300022402861000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300022402861001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300031553721000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300102989989000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300102989990000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300102996978000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300103046463000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300273303938000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300273692850000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300311314935001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571056187000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571927257000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571927257001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571931396000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300571974321000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300822371364000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300822378899000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300822734226000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300823100729000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300823161632000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1300828380930000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301351051577000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301502395570000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301751310363000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301751310363001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301751310385000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301755089320000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301858178662000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1301858178662001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302200656403000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302285301498000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302361956146000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302444091440000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302444091440001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302444188270000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302519672421000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302519769081000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302522841906000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302522866245000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543420107001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543420107002 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543538424000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543538424001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556574283000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556621652000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556644363000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303678972735000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303678972735001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303727816637000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303727816637001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303854674600000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304078376983000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304366225997000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305484512814000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580149 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580150 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605596382 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617833 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617834 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618652 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618653 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630162 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630163 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@tradedoubler[2].txt Verwijderd Trace.TrackingCookie.tradedoubler!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@statcounter[1].txt Verwijderd Trace.TrackingCookie.statcounter!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@specificclick[1].txt Verwijderd Trace.TrackingCookie.specificclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@mediaplex[1].txt Verwijderd Trace.TrackingCookie.mediaplex!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@fastclick[1].txt Verwijderd Trace.TrackingCookie.fastclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@adviva[1].txt Verwijderd Trace.TrackingCookie.adviva!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@2o7[1].txt Verwijderd Trace.TrackingCookie.2o7!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@serving-sys[2].txt Verwijderd Trace.TrackingCookie.serving-sys!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@serving-sys[2].txt Verwijderd Trace.TrackingCookie.serving-sys!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@doubleclick[1].txt Verwijderd Trace.TrackingCookie.doubleclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@doubleclick[2].txt Verwijderd Trace.TrackingCookie.doubleclick!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@bs.serving-sys[1].txt Verwijderd Trace.TrackingCookie.bs.serving-sys!A2 C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@bs.serving-sys[1].txt Verwijderd Trace.TrackingCookie.bs.serving-sys!A2 Verwijderd Bestanden: 2 Sporen: 0 Cookies: 178
- 23 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

12:09:38.0938 4152 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04 12:09:39.0110 4152 ============================================================ 12:09:39.0110 4152 Current date / time: 2012/01/23 12:09:39.0110 12:09:39.0110 4152 SystemInfo: 12:09:39.0110 4152 12:09:39.0110 4152 OS Version: 6.1.7601 ServicePack: 1.0 12:09:39.0110 4152 Product type: Workstation 12:09:39.0110 4152 ComputerName: MANUELA-PC 12:09:39.0110 4152 UserName: Manuela 12:09:39.0110 4152 Windows directory: C:\Windows 12:09:39.0110 4152 System windows directory: C:\Windows 12:09:39.0110 4152 Running under WOW64 12:09:39.0110 4152 Processor architecture: Intel x64 12:09:39.0110 4152 Number of processors: 2 12:09:39.0110 4152 Page size: 0x1000 12:09:39.0110 4152 Boot type: Normal boot 12:09:39.0110 4152 ============================================================ 12:09:39.0796 4152 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:09:39.0827 4152 Initialize success 12:09:41.0809 3792 ============================================================ 12:09:41.0809 3792 Scan started 12:09:41.0809 3792 Mode: Manual; 12:09:41.0809 3792 ============================================================ 12:09:42.0214 3792 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 12:09:42.0230 3792 1394ohci - ok 12:09:42.0339 3792 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 12:09:42.0339 3792 ACPI - ok 12:09:42.0448 3792 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 12:09:42.0448 3792 AcpiPmi - ok 12:09:42.0573 3792 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 12:09:42.0573 3792 adp94xx - ok 12:09:42.0682 3792 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 12:09:42.0698 3792 adpahci - ok 12:09:42.0807 3792 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 12:09:42.0807 3792 adpu320 - ok 12:09:43.0166 3792 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 12:09:43.0166 3792 AFD - ok 12:09:43.0275 3792 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 12:09:43.0291 3792 agp440 - ok 12:09:43.0431 3792 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 12:09:43.0431 3792 aliide - ok 12:09:43.0494 3792 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 12:09:43.0494 3792 amdide - ok 12:09:43.0572 3792 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 12:09:43.0572 3792 AmdK8 - ok 12:09:43.0837 3792 amdkmdag (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atipmdag.sys 12:09:43.0899 3792 amdkmdag - ok 12:09:44.0024 3792 amdkmdap (414e0788920a8c856032be2cbf29f984) C:\Windows\system32\DRIVERS\atikmpag.sys 12:09:44.0024 3792 amdkmdap - ok 12:09:44.0040 3792 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 12:09:44.0040 3792 AmdPPM - ok 12:09:44.0164 3792 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 12:09:44.0164 3792 amdsata - ok 12:09:44.0258 3792 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 12:09:44.0258 3792 amdsbs - ok 12:09:44.0305 3792 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 12:09:44.0305 3792 amdxata - ok 12:09:44.0414 3792 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS 12:09:44.0414 3792 AmUStor - ok 12:09:44.0476 3792 ApfiltrService (fab590e0fc28cb474b965f8267458e14) C:\Windows\system32\DRIVERS\Apfiltr.sys 12:09:44.0476 3792 ApfiltrService - ok 12:09:44.0523 3792 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 12:09:44.0523 3792 AppID - ok 12:09:44.0601 3792 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 12:09:44.0601 3792 arc - ok 12:09:44.0617 3792 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 12:09:44.0617 3792 arcsas - ok 12:09:44.0679 3792 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys 12:09:44.0679 3792 aswFsBlk - ok 12:09:44.0882 3792 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys 12:09:44.0882 3792 aswMonFlt - ok 12:09:45.0007 3792 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys 12:09:45.0007 3792 aswRdr - ok 12:09:45.0085 3792 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys 12:09:45.0100 3792 aswSnx - ok 12:09:45.0147 3792 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys 12:09:45.0163 3792 aswSP - ok 12:09:45.0210 3792 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys 12:09:45.0210 3792 aswTdi - ok 12:09:45.0303 3792 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 12:09:45.0303 3792 AsyncMac - ok 12:09:45.0381 3792 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 12:09:45.0381 3792 atapi - ok 12:09:45.0444 3792 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys 12:09:45.0444 3792 AtiHdmiService - ok 12:09:45.0600 3792 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 12:09:45.0600 3792 b06bdrv - ok 12:09:45.0724 3792 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 12:09:45.0724 3792 b57nd60a - ok 12:09:45.0834 3792 BCM43XX (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys 12:09:45.0865 3792 BCM43XX - ok 12:09:45.0896 3792 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 12:09:45.0896 3792 Beep - ok 12:09:45.0943 3792 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 12:09:45.0943 3792 blbdrive - ok 12:09:45.0974 3792 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 12:09:45.0974 3792 bowser - ok 12:09:45.0990 3792 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 12:09:45.0990 3792 BrFiltLo - ok 12:09:46.0005 3792 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 12:09:46.0005 3792 BrFiltUp - ok 12:09:46.0052 3792 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 12:09:46.0052 3792 BridgeMP - ok 12:09:46.0068 3792 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 12:09:46.0068 3792 Brserid - ok 12:09:46.0099 3792 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 12:09:46.0099 3792 BrSerWdm - ok 12:09:46.0114 3792 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 12:09:46.0114 3792 BrUsbMdm - ok 12:09:46.0130 3792 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 12:09:46.0130 3792 BrUsbSer - ok 12:09:46.0146 3792 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 12:09:46.0146 3792 BTHMODEM - ok 12:09:46.0192 3792 catchme - ok 12:09:46.0286 3792 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 12:09:46.0286 3792 cdfs - ok 12:09:46.0348 3792 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 12:09:46.0348 3792 cdrom - ok 12:09:46.0458 3792 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 12:09:46.0458 3792 circlass - ok 12:09:46.0504 3792 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 12:09:46.0504 3792 CLFS - ok 12:09:46.0692 3792 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 12:09:46.0692 3792 CmBatt - ok 12:09:46.0738 3792 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 12:09:46.0738 3792 cmdide - ok 12:09:46.0801 3792 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 12:09:46.0816 3792 CNG - ok 12:09:46.0863 3792 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 12:09:46.0863 3792 Compbatt - ok 12:09:46.0894 3792 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 12:09:46.0910 3792 CompositeBus - ok 12:09:46.0926 3792 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 12:09:46.0926 3792 crcdisk - ok 12:09:46.0988 3792 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 12:09:46.0988 3792 DfsC - ok 12:09:47.0035 3792 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 12:09:47.0035 3792 discache - ok 12:09:47.0066 3792 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 12:09:47.0066 3792 Disk - ok 12:09:47.0144 3792 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 12:09:47.0144 3792 drmkaud - ok 12:09:47.0222 3792 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 12:09:47.0238 3792 DXGKrnl - ok 12:09:47.0378 3792 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 12:09:47.0409 3792 ebdrv - ok 12:09:47.0518 3792 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 12:09:47.0534 3792 elxstor - ok 12:09:47.0596 3792 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 12:09:47.0596 3792 ErrDev - ok 12:09:47.0643 3792 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 12:09:47.0643 3792 exfat - ok 12:09:47.0659 3792 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 12:09:47.0674 3792 fastfat - ok 12:09:47.0690 3792 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 12:09:47.0690 3792 fdc - ok 12:09:47.0721 3792 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 12:09:47.0721 3792 FileInfo - ok 12:09:47.0737 3792 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 12:09:47.0737 3792 Filetrace - ok 12:09:47.0768 3792 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 12:09:47.0768 3792 flpydisk - ok 12:09:47.0830 3792 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 12:09:47.0830 3792 FltMgr - ok 12:09:47.0908 3792 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 12:09:47.0908 3792 FsDepends - ok 12:09:47.0924 3792 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 12:09:47.0924 3792 Fs_Rec - ok 12:09:48.0002 3792 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 12:09:48.0002 3792 fvevol - ok 12:09:48.0049 3792 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 12:09:48.0049 3792 gagp30kx - ok 12:09:48.0096 3792 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 12:09:48.0096 3792 hcw85cir - ok 12:09:48.0174 3792 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 12:09:48.0174 3792 HdAudAddService - ok 12:09:48.0220 3792 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 12:09:48.0220 3792 HDAudBus - ok 12:09:48.0283 3792 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 12:09:48.0283 3792 HECIx64 - ok 12:09:48.0314 3792 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 12:09:48.0314 3792 HidBatt - ok 12:09:48.0330 3792 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 12:09:48.0330 3792 HidBth - ok 12:09:48.0361 3792 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 12:09:48.0361 3792 HidIr - ok 12:09:48.0454 3792 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 12:09:48.0454 3792 HidUsb - ok 12:09:48.0486 3792 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 12:09:48.0501 3792 HpSAMD - ok 12:09:48.0548 3792 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 12:09:48.0564 3792 HTTP - ok 12:09:48.0610 3792 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 12:09:48.0610 3792 hwpolicy - ok 12:09:48.0673 3792 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 12:09:48.0673 3792 i8042prt - ok 12:09:48.0720 3792 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys 12:09:48.0735 3792 iaStor - ok 12:09:48.0876 3792 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 12:09:48.0876 3792 iaStorV - ok 12:09:49.0094 3792 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys 12:09:49.0156 3792 igfx - ok 12:09:49.0250 3792 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 12:09:49.0250 3792 iirsp - ok 12:09:49.0422 3792 IntcAzAudAddService (53019327813ff5ab2964b33b2c61307c) C:\Windows\system32\drivers\RTKVHD64.sys 12:09:49.0453 3792 IntcAzAudAddService - ok 12:09:49.0500 3792 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 12:09:49.0500 3792 intelide - ok 12:09:49.0546 3792 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 12:09:49.0546 3792 intelppm - ok 12:09:49.0593 3792 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:09:49.0593 3792 IpFilterDriver - ok 12:09:49.0656 3792 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 12:09:49.0656 3792 IPMIDRV - ok 12:09:49.0687 3792 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 12:09:49.0687 3792 IPNAT - ok 12:09:49.0718 3792 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 12:09:49.0718 3792 IRENUM - ok 12:09:49.0765 3792 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 12:09:49.0765 3792 isapnp - ok 12:09:49.0812 3792 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 12:09:49.0812 3792 iScsiPrt - ok 12:09:49.0874 3792 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys 12:09:49.0890 3792 k57nd60a - ok 12:09:49.0921 3792 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 12:09:49.0936 3792 kbdclass - ok 12:09:49.0983 3792 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 12:09:49.0983 3792 kbdhid - ok 12:09:50.0030 3792 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 12:09:50.0030 3792 KSecDD - ok 12:09:50.0077 3792 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 12:09:50.0077 3792 KSecPkg - ok 12:09:50.0108 3792 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 12:09:50.0108 3792 ksthunk - ok 12:09:50.0217 3792 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys 12:09:50.0217 3792 L1E - ok 12:09:50.0264 3792 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 12:09:50.0264 3792 lltdio - ok 12:09:50.0420 3792 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 12:09:50.0420 3792 LSI_FC - ok 12:09:50.0436 3792 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 12:09:50.0436 3792 LSI_SAS - ok 12:09:50.0451 3792 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 12:09:50.0451 3792 LSI_SAS2 - ok 12:09:50.0467 3792 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 12:09:50.0467 3792 LSI_SCSI - ok 12:09:50.0498 3792 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 12:09:50.0498 3792 luafv - ok 12:09:50.0514 3792 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 12:09:50.0514 3792 megasas - ok 12:09:50.0545 3792 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 12:09:50.0560 3792 MegaSR - ok 12:09:50.0592 3792 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 12:09:50.0592 3792 Modem - ok 12:09:50.0623 3792 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 12:09:50.0623 3792 monitor - ok 12:09:50.0670 3792 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 12:09:50.0670 3792 mouclass - ok 12:09:50.0732 3792 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 12:09:50.0732 3792 mouhid - ok 12:09:50.0763 3792 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 12:09:50.0763 3792 mountmgr - ok 12:09:50.0810 3792 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 12:09:50.0810 3792 mpio - ok 12:09:50.0857 3792 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 12:09:50.0857 3792 mpsdrv - ok 12:09:50.0888 3792 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 12:09:50.0904 3792 MRxDAV - ok 12:09:50.0950 3792 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 12:09:50.0950 3792 mrxsmb - ok 12:09:51.0013 3792 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:09:51.0013 3792 mrxsmb10 - ok 12:09:51.0060 3792 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:09:51.0060 3792 mrxsmb20 - ok 12:09:51.0091 3792 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys 12:09:51.0091 3792 msahci - ok 12:09:51.0138 3792 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 12:09:51.0138 3792 msdsm - ok 12:09:51.0184 3792 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 12:09:51.0184 3792 Msfs - ok 12:09:51.0200 3792 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 12:09:51.0200 3792 mshidkmdf - ok 12:09:51.0231 3792 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 12:09:51.0231 3792 msisadrv - ok 12:09:51.0278 3792 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 12:09:51.0278 3792 MSKSSRV - ok 12:09:51.0294 3792 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 12:09:51.0294 3792 MSPCLOCK - ok 12:09:51.0309 3792 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 12:09:51.0309 3792 MSPQM - ok 12:09:51.0356 3792 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 12:09:51.0356 3792 MsRPC - ok 12:09:51.0403 3792 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 12:09:51.0403 3792 mssmbios - ok 12:09:51.0450 3792 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 12:09:51.0450 3792 MSTEE - ok 12:09:51.0465 3792 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 12:09:51.0465 3792 MTConfig - ok 12:09:51.0481 3792 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 12:09:51.0481 3792 Mup - ok 12:09:51.0528 3792 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 12:09:51.0528 3792 mwlPSDFilter - ok 12:09:51.0559 3792 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 12:09:51.0559 3792 mwlPSDNServ - ok 12:09:51.0574 3792 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 12:09:51.0574 3792 mwlPSDVDisk - ok 12:09:51.0715 3792 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 12:09:51.0715 3792 NativeWifiP - ok 12:09:51.0793 3792 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 12:09:51.0793 3792 NDIS - ok 12:09:51.0855 3792 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 12:09:51.0855 3792 NdisCap - ok 12:09:51.0902 3792 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 12:09:51.0902 3792 NdisTapi - ok 12:09:51.0996 3792 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 12:09:51.0996 3792 Ndisuio - ok 12:09:52.0074 3792 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 12:09:52.0074 3792 NdisWan - ok 12:09:52.0120 3792 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 12:09:52.0136 3792 NDProxy - ok 12:09:52.0167 3792 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 12:09:52.0167 3792 NetBIOS - ok 12:09:52.0214 3792 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 12:09:52.0214 3792 NetBT - ok 12:09:52.0339 3792 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 12:09:52.0354 3792 nfrd960 - ok 12:09:52.0370 3792 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 12:09:52.0370 3792 Npfs - ok 12:09:52.0401 3792 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 12:09:52.0401 3792 nsiproxy - ok 12:09:52.0479 3792 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 12:09:52.0510 3792 Ntfs - ok 12:09:52.0604 3792 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys 12:09:52.0604 3792 NTIDrvr - ok 12:09:52.0635 3792 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 12:09:52.0651 3792 Null - ok 12:09:52.0713 3792 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 12:09:52.0713 3792 nvraid - ok 12:09:52.0744 3792 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 12:09:52.0744 3792 nvstor - ok 12:09:52.0807 3792 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 12:09:52.0807 3792 nv_agp - ok 12:09:52.0885 3792 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 12:09:52.0885 3792 ohci1394 - ok 12:09:53.0041 3792 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 12:09:53.0041 3792 Parport - ok 12:09:53.0088 3792 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 12:09:53.0088 3792 partmgr - ok 12:09:53.0212 3792 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 12:09:53.0212 3792 pccsmcfd - ok 12:09:53.0259 3792 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 12:09:53.0259 3792 pci - ok 12:09:53.0322 3792 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 12:09:53.0322 3792 pciide - ok 12:09:53.0368 3792 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 12:09:53.0368 3792 pcmcia - ok 12:09:53.0384 3792 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 12:09:53.0384 3792 pcw - ok 12:09:53.0415 3792 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 12:09:53.0415 3792 PEAUTH - ok 12:09:53.0602 3792 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 12:09:53.0602 3792 PptpMiniport - ok 12:09:53.0634 3792 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 12:09:53.0634 3792 Processor - ok 12:09:53.0774 3792 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 12:09:53.0790 3792 Psched - ok 12:09:53.0868 3792 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 12:09:53.0883 3792 ql2300 - ok 12:09:53.0899 3792 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 12:09:53.0914 3792 ql40xx - ok 12:09:53.0930 3792 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 12:09:53.0930 3792 QWAVEdrv - ok 12:09:53.0930 3792 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 12:09:53.0946 3792 RasAcd - ok 12:09:53.0992 3792 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 12:09:53.0992 3792 RasAgileVpn - ok 12:09:54.0039 3792 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 12:09:54.0039 3792 Rasl2tp - ok 12:09:54.0070 3792 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 12:09:54.0086 3792 RasPppoe - ok 12:09:54.0102 3792 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 12:09:54.0102 3792 RasSstp - ok 12:09:54.0133 3792 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 12:09:54.0133 3792 rdbss - ok 12:09:54.0180 3792 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 12:09:54.0180 3792 rdpbus - ok 12:09:54.0242 3792 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 12:09:54.0242 3792 RDPCDD - ok 12:09:54.0273 3792 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 12:09:54.0273 3792 RDPENCDD - ok 12:09:54.0289 3792 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 12:09:54.0289 3792 RDPREFMP - ok 12:09:54.0336 3792 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 12:09:54.0336 3792 RDPWD - ok 12:09:54.0382 3792 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 12:09:54.0382 3792 rdyboost - ok 12:09:54.0523 3792 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 12:09:54.0523 3792 rspndr - ok 12:09:54.0570 3792 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 12:09:54.0570 3792 sbp2port - ok 12:09:54.0616 3792 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 12:09:54.0616 3792 scfilter - ok 12:09:54.0694 3792 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 12:09:54.0694 3792 secdrv - ok 12:09:54.0726 3792 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 12:09:54.0726 3792 Serenum - ok 12:09:54.0757 3792 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 12:09:54.0757 3792 Serial - ok 12:09:54.0835 3792 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 12:09:54.0850 3792 sermouse - ok 12:09:54.0928 3792 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 12:09:54.0928 3792 sffdisk - ok 12:09:54.0960 3792 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 12:09:54.0960 3792 sffp_mmc - ok 12:09:54.0975 3792 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 12:09:54.0991 3792 sffp_sd - ok 12:09:55.0022 3792 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 12:09:55.0022 3792 sfloppy - ok 12:09:55.0053 3792 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 12:09:55.0053 3792 SiSRaid2 - ok 12:09:55.0069 3792 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 12:09:55.0069 3792 SiSRaid4 - ok 12:09:55.0084 3792 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 12:09:55.0084 3792 Smb - ok 12:09:55.0116 3792 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 12:09:55.0116 3792 spldr - ok 12:09:55.0194 3792 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 12:09:55.0209 3792 srv - ok 12:09:55.0256 3792 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 12:09:55.0272 3792 srv2 - ok 12:09:55.0318 3792 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 12:09:55.0318 3792 srvnet - ok 12:09:55.0381 3792 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 12:09:55.0396 3792 stexstor - ok 12:09:55.0443 3792 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 12:09:55.0443 3792 swenum - ok 12:09:55.0568 3792 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 12:09:55.0584 3792 Tcpip - ok 12:09:55.0693 3792 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 12:09:55.0708 3792 TCPIP6 - ok 12:09:55.0755 3792 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 12:09:55.0755 3792 tcpipreg - ok 12:09:55.0802 3792 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 12:09:55.0802 3792 TDPIPE - ok 12:09:55.0818 3792 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 12:09:55.0818 3792 TDTCP - ok 12:09:55.0880 3792 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 12:09:55.0880 3792 tdx - ok 12:09:55.0911 3792 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 12:09:55.0927 3792 TermDD - ok 12:09:56.0036 3792 TFsExDisk - ok 12:09:56.0114 3792 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 12:09:56.0114 3792 tssecsrv - ok 12:09:56.0176 3792 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 12:09:56.0176 3792 TsUsbFlt - ok 12:09:56.0239 3792 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 12:09:56.0239 3792 tunnel - ok 12:09:56.0270 3792 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 12:09:56.0270 3792 uagp35 - ok 12:09:56.0348 3792 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys 12:09:56.0348 3792 UBHelper - ok 12:09:56.0395 3792 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 12:09:56.0395 3792 udfs - ok 12:09:56.0488 3792 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 12:09:56.0488 3792 uliagpkx - ok 12:09:56.0535 3792 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 12:09:56.0535 3792 umbus - ok 12:09:56.0566 3792 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 12:09:56.0566 3792 UmPass - ok 12:09:56.0722 3792 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 12:09:56.0722 3792 usbccgp - ok 12:09:56.0785 3792 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 12:09:56.0785 3792 usbcir - ok 12:09:56.0800 3792 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 12:09:56.0816 3792 usbehci - ok 12:09:56.0878 3792 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 12:09:56.0878 3792 usbhub - ok 12:09:56.0910 3792 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 12:09:56.0910 3792 usbohci - ok 12:09:56.0941 3792 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 12:09:56.0941 3792 usbprint - ok 12:09:56.0972 3792 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:09:56.0988 3792 USBSTOR - ok 12:09:57.0019 3792 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 12:09:57.0019 3792 usbuhci - ok 12:09:57.0128 3792 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 12:09:57.0128 3792 usbvideo - ok 12:09:57.0222 3792 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 12:09:57.0222 3792 vdrvroot - ok 12:09:57.0268 3792 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 12:09:57.0268 3792 vga - ok 12:09:57.0284 3792 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 12:09:57.0284 3792 VgaSave - ok 12:09:57.0315 3792 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 12:09:57.0315 3792 vhdmp - ok 12:09:57.0346 3792 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 12:09:57.0362 3792 viaide - ok 12:09:57.0393 3792 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 12:09:57.0393 3792 volmgr - ok 12:09:57.0440 3792 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 12:09:57.0440 3792 volmgrx - ok 12:09:57.0534 3792 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 12:09:57.0534 3792 volsnap - ok 12:09:57.0580 3792 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 12:09:57.0580 3792 vsmraid - ok 12:09:57.0596 3792 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 12:09:57.0596 3792 vwifibus - ok 12:09:57.0612 3792 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 12:09:57.0612 3792 vwififlt - ok 12:09:57.0627 3792 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 12:09:57.0627 3792 vwifimp - ok 12:09:57.0658 3792 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 12:09:57.0658 3792 WacomPen - ok 12:09:57.0705 3792 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:09:57.0705 3792 WANARP - ok 12:09:57.0705 3792 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:09:57.0705 3792 Wanarpv6 - ok 12:09:57.0799 3792 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 12:09:57.0799 3792 Wd - ok 12:09:57.0830 3792 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 12:09:57.0830 3792 Wdf01000 - ok 12:09:57.0939 3792 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 12:09:57.0939 3792 WfpLwf - ok 12:09:57.0955 3792 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 12:09:57.0955 3792 WIMMount - ok 12:09:58.0126 3792 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 12:09:58.0126 3792 WinUsb - ok 12:09:58.0189 3792 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 12:09:58.0189 3792 WmiAcpi - ok 12:09:58.0251 3792 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 12:09:58.0251 3792 ws2ifsl - ok 12:09:58.0329 3792 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 12:09:58.0329 3792 WudfPf - ok 12:09:58.0360 3792 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 12:09:58.0360 3792 WUDFRd - ok 12:09:58.0438 3792 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 12:09:58.0501 3792 \Device\Harddisk0\DR0 - ok 12:09:58.0501 3792 Boot (0x1200) (d6112fdf5cea1ab7be6c032e4a377fd4) \Device\Harddisk0\DR0\Partition0 12:09:58.0501 3792 \Device\Harddisk0\DR0\Partition0 - ok 12:09:58.0516 3792 Boot (0x1200) (ba513c544e4cc98b5b1b026da215884d) \Device\Harddisk0\DR0\Partition1 12:09:58.0516 3792 \Device\Harddisk0\DR0\Partition1 - ok 12:09:58.0516 3792 ============================================================ 12:09:58.0516 3792 Scan finished 12:09:58.0516 3792 ============================================================ 12:09:58.0532 2560 Detected object count: 0 12:09:58.0532 2560 Actual detected object count: 0 12:09:59.0359 3796 ============================================================ 12:09:59.0359 3796 Scan started 12:09:59.0359 3796 Mode: Manual; 12:09:59.0359 3796 ============================================================ 12:09:59.0608 3796 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 12:09:59.0608 3796 1394ohci - ok 12:09:59.0655 3796 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 12:09:59.0655 3796 ACPI - ok 12:09:59.0655 3796 Scan interrupted by user! 12:09:59.0655 3796 Scan interrupted by user! 12:09:59.0655 3796 Scan interrupted by user! 12:09:59.0655 3796 ============================================================ 12:09:59.0655 3796 Scan finished 12:09:59.0655 3796 ============================================================ 12:09:59.0671 4760 Detected object count: 0 12:09:59.0671 4760 Actual detected object count: 0 12:10:02.0962 2396 ============================================================ 12:10:02.0962 2396 Scan started 12:10:02.0962 2396 Mode: Manual; 12:10:02.0962 2396 ============================================================ 12:10:03.0118 2396 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 12:10:03.0118 2396 1394ohci - ok 12:10:03.0165 2396 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 12:10:03.0165 2396 ACPI - ok 12:10:03.0212 2396 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 12:10:03.0212 2396 AcpiPmi - ok 12:10:03.0243 2396 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 12:10:03.0259 2396 adp94xx - ok 12:10:03.0274 2396 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 12:10:03.0274 2396 adpahci - ok 12:10:03.0290 2396 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 12:10:03.0290 2396 adpu320 - ok 12:10:03.0352 2396 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 12:10:03.0352 2396 AFD - ok 12:10:03.0399 2396 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 12:10:03.0399 2396 agp440 - ok 12:10:03.0415 2396 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 12:10:03.0415 2396 aliide - ok 12:10:03.0446 2396 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 12:10:03.0446 2396 amdide - ok 12:10:03.0493 2396 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 12:10:03.0493 2396 AmdK8 - ok 12:10:03.0680 2396 amdkmdag (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atipmdag.sys 12:10:03.0742 2396 amdkmdag - ok 12:10:03.0774 2396 amdkmdap (414e0788920a8c856032be2cbf29f984) C:\Windows\system32\DRIVERS\atikmpag.sys 12:10:03.0774 2396 amdkmdap - ok 12:10:03.0820 2396 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 12:10:03.0820 2396 AmdPPM - ok 12:10:03.0867 2396 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 12:10:03.0867 2396 amdsata - ok 12:10:03.0883 2396 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 12:10:03.0883 2396 amdsbs - ok 12:10:03.0914 2396 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 12:10:03.0914 2396 amdxata - ok 12:10:03.0945 2396 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS 12:10:03.0945 2396 AmUStor - ok 12:10:03.0976 2396 ApfiltrService (fab590e0fc28cb474b965f8267458e14) C:\Windows\system32\DRIVERS\Apfiltr.sys 12:10:03.0992 2396 ApfiltrService - ok 12:10:04.0008 2396 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 12:10:04.0023 2396 AppID - ok 12:10:04.0086 2396 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 12:10:04.0086 2396 arc - ok 12:10:04.0101 2396 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 12:10:04.0101 2396 arcsas - ok 12:10:04.0148 2396 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys 12:10:04.0148 2396 aswFsBlk - ok 12:10:04.0195 2396 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys 12:10:04.0195 2396 aswMonFlt - ok 12:10:04.0242 2396 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys 12:10:04.0242 2396 aswRdr - ok 12:10:04.0273 2396 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys 12:10:04.0288 2396 aswSnx - ok 12:10:04.0335 2396 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys 12:10:04.0351 2396 aswSP - ok 12:10:04.0382 2396 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys 12:10:04.0382 2396 aswTdi - ok 12:10:04.0413 2396 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 12:10:04.0413 2396 AsyncMac - ok 12:10:04.0460 2396 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 12:10:04.0460 2396 atapi - ok 12:10:04.0507 2396 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys 12:10:04.0507 2396 AtiHdmiService - ok 12:10:04.0600 2396 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 12:10:04.0600 2396 b06bdrv - ok 12:10:04.0632 2396 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 12:10:04.0647 2396 b57nd60a - ok 12:10:04.0756 2396 BCM43XX (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys 12:10:04.0788 2396 BCM43XX - ok 12:10:04.0819 2396 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 12:10:04.0819 2396 Beep - ok 12:10:04.0850 2396 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 12:10:04.0850 2396 blbdrive - ok 12:10:04.0881 2396 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 12:10:04.0881 2396 bowser - ok 12:10:04.0897 2396 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 12:10:04.0897 2396 BrFiltLo - ok 12:10:04.0912 2396 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 12:10:04.0912 2396 BrFiltUp - ok 12:10:04.0928 2396 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 12:10:04.0928 2396 BridgeMP - ok 12:10:04.0944 2396 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 12:10:04.0959 2396 Brserid - ok 12:10:04.0975 2396 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 12:10:04.0975 2396 BrSerWdm - ok 12:10:04.0975 2396 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 12:10:04.0990 2396 BrUsbMdm - ok 12:10:04.0990 2396 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 12:10:04.0990 2396 BrUsbSer - ok 12:10:05.0022 2396 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 12:10:05.0022 2396 BTHMODEM - ok 12:10:05.0037 2396 catchme - ok 12:10:05.0053 2396 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 12:10:05.0053 2396 cdfs - ok 12:10:05.0084 2396 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 12:10:05.0084 2396 cdrom - ok 12:10:05.0115 2396 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 12:10:05.0115 2396 circlass - ok 12:10:05.0178 2396 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 12:10:05.0178 2396 CLFS - ok 12:10:05.0224 2396 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 12:10:05.0224 2396 CmBatt - ok 12:10:05.0271 2396 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 12:10:05.0271 2396 cmdide - ok 12:10:05.0334 2396 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 12:10:05.0349 2396 CNG - ok 12:10:05.0380 2396 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 12:10:05.0380 2396 Compbatt - ok 12:10:05.0412 2396 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 12:10:05.0412 2396 CompositeBus - ok 12:10:05.0443 2396 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 12:10:05.0443 2396 crcdisk - ok 12:10:05.0490 2396 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 12:10:05.0505 2396 DfsC - ok 12:10:05.0521 2396 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 12:10:05.0521 2396 discache - ok 12:10:05.0536 2396 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 12:10:05.0536 2396 Disk - ok 12:10:05.0568 2396 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 12:10:05.0568 2396 drmkaud - ok 12:10:05.0630 2396 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 12:10:05.0646 2396 DXGKrnl - ok 12:10:05.0755 2396 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 12:10:05.0802 2396 ebdrv - ok 12:10:05.0848 2396 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 12:10:05.0864 2396 elxstor - ok 12:10:05.0895 2396 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 12:10:05.0895 2396 ErrDev - ok 12:10:05.0942 2396 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 12:10:05.0942 2396 exfat - ok 12:10:05.0958 2396 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 12:10:05.0973 2396 fastfat - ok 12:10:05.0973 2396 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 12:10:05.0989 2396 fdc - ok 12:10:06.0004 2396 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 12:10:06.0004 2396 FileInfo - ok 12:10:06.0020 2396 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 12:10:06.0020 2396 Filetrace - ok 12:10:06.0036 2396 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 12:10:06.0036 2396 flpydisk - ok 12:10:06.0082 2396 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 12:10:06.0082 2396 FltMgr - ok 12:10:06.0129 2396 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 12:10:06.0129 2396 FsDepends - ok 12:10:06.0145 2396 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 12:10:06.0145 2396 Fs_Rec - ok 12:10:06.0192 2396 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 12:10:06.0192 2396 fvevol - ok 12:10:06.0238 2396 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 12:10:06.0238 2396 gagp30kx - ok 12:10:06.0254 2396 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 12:10:06.0254 2396 hcw85cir - ok 12:10:06.0316 2396 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 12:10:06.0316 2396 HdAudAddService - ok 12:10:06.0363 2396 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 12:10:06.0363 2396 HDAudBus - ok 12:10:06.0379 2396 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 12:10:06.0379 2396 HECIx64 - ok 12:10:06.0410 2396 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 12:10:06.0410 2396 HidBatt - ok 12:10:06.0426 2396 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 12:10:06.0426 2396 HidBth - ok 12:10:06.0441 2396 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 12:10:06.0441 2396 HidIr - ok 12:10:06.0488 2396 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 12:10:06.0488 2396 HidUsb - ok 12:10:06.0519 2396 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 12:10:06.0535 2396 HpSAMD - ok 12:10:06.0582 2396 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 12:10:06.0582 2396 HTTP - ok 12:10:06.0628 2396 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 12:10:06.0628 2396 hwpolicy - ok 12:10:06.0675 2396 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 12:10:06.0675 2396 i8042prt - ok 12:10:06.0738 2396 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys 12:10:06.0738 2396 iaStor - ok 12:10:06.0784 2396 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 12:10:06.0784 2396 iaStorV - ok 12:10:06.0972 2396 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys 12:10:07.0034 2396 igfx - ok 12:10:07.0050 2396 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 12:10:07.0050 2396 iirsp - ok 12:10:07.0159 2396 IntcAzAudAddService (53019327813ff5ab2964b33b2c61307c) C:\Windows\system32\drivers\RTKVHD64.sys 12:10:07.0174 2396 IntcAzAudAddService - ok 12:10:07.0237 2396 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 12:10:07.0237 2396 intelide - ok 12:10:07.0268 2396 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 12:10:07.0268 2396 intelppm - ok 12:10:07.0315 2396 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:10:07.0315 2396 IpFilterDriver - ok 12:10:07.0362 2396 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 12:10:07.0362 2396 IPMIDRV - ok 12:10:07.0393 2396 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 12:10:07.0393 2396 IPNAT - ok 12:10:07.0408 2396 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 12:10:07.0408 2396 IRENUM - ok 12:10:07.0440 2396 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 12:10:07.0440 2396 isapnp - ok 12:10:07.0502 2396 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 12:10:07.0502 2396 iScsiPrt - ok 12:10:07.0533 2396 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys 12:10:07.0533 2396 k57nd60a - ok 12:10:07.0580 2396 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 12:10:07.0580 2396 kbdclass - ok 12:10:07.0627 2396 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 12:10:07.0627 2396 kbdhid - ok 12:10:07.0674 2396 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 12:10:07.0674 2396 KSecDD - ok 12:10:07.0720 2396 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 12:10:07.0720 2396 KSecPkg - ok 12:10:07.0752 2396 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 12:10:07.0752 2396 ksthunk - ok 12:10:07.0767 2396 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys 12:10:07.0767 2396 L1E - ok 12:10:07.0798 2396 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 12:10:07.0798 2396 lltdio - ok 12:10:07.0830 2396 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 12:10:07.0830 2396 LSI_FC - ok 12:10:07.0845 2396 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 12:10:07.0845 2396 LSI_SAS - ok 12:10:07.0861 2396 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 12:10:07.0861 2396 LSI_SAS2 - ok 12:10:07.0876 2396 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 12:10:07.0876 2396 LSI_SCSI - ok 12:10:07.0908 2396 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 12:10:07.0908 2396 luafv - ok 12:10:07.0923 2396 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 12:10:07.0923 2396 megasas - ok 12:10:07.0939 2396 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 12:10:07.0954 2396 MegaSR - ok 12:10:07.0970 2396 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 12:10:07.0986 2396 Modem - ok 12:10:08.0001 2396 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 12:10:08.0001 2396 monitor - ok 12:10:08.0048 2396 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 12:10:08.0048 2396 mouclass - ok 12:10:08.0064 2396 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 12:10:08.0064 2396 mouhid - ok 12:10:08.0110 2396 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 12:10:08.0110 2396 mountmgr - ok 12:10:08.0157 2396 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 12:10:08.0157 2396 mpio - ok 12:10:08.0188 2396 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 12:10:08.0204 2396 mpsdrv - ok 12:10:08.0235 2396 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 12:10:08.0235 2396 MRxDAV - ok 12:10:08.0298 2396 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 12:10:08.0298 2396 mrxsmb - ok 12:10:08.0360 2396 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:10:08.0360 2396 mrxsmb10 - ok 12:10:08.0391 2396 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:10:08.0407 2396 mrxsmb20 - ok 12:10:08.0422 2396 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys 12:10:08.0438 2396 msahci - ok 12:10:08.0469 2396 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 12:10:08.0485 2396 msdsm - ok 12:10:08.0532 2396 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 12:10:08.0532 2396 Msfs - ok 12:10:08.0547 2396 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 12:10:08.0547 2396 mshidkmdf - ok 12:10:08.0578 2396 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 12:10:08.0578 2396 msisadrv - ok 12:10:08.0594 2396 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 12:10:08.0594 2396 MSKSSRV - ok 12:10:08.0610 2396 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 12:10:08.0610 2396 MSPCLOCK - ok 12:10:08.0625 2396 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 12:10:08.0625 2396 MSPQM - ok 12:10:08.0672 2396 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 12:10:08.0672 2396 MsRPC - ok 12:10:08.0703 2396 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 12:10:08.0719 2396 mssmbios - ok 12:10:08.0750 2396 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 12:10:08.0750 2396 MSTEE - ok 12:10:08.0766 2396 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 12:10:08.0766 2396 MTConfig - ok 12:10:08.0781 2396 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 12:10:08.0781 2396 Mup - ok 12:10:08.0812 2396 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 12:10:08.0812 2396 mwlPSDFilter - ok 12:10:08.0828 2396 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 12:10:08.0828 2396 mwlPSDNServ - ok 12:10:08.0844 2396 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 12:10:08.0844 2396 mwlPSDVDisk - ok 12:10:08.0875 2396 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 12:10:08.0890 2396 NativeWifiP - ok 12:10:08.0937 2396 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 12:10:08.0953 2396 NDIS - ok 12:10:08.0984 2396 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 12:10:08.0984 2396 NdisCap - ok 12:10:09.0000 2396 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 12:10:09.0000 2396 NdisTapi - ok 12:10:09.0031 2396 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 12:10:09.0031 2396 Ndisuio - ok 12:10:09.0078 2396 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 12:10:09.0078 2396 NdisWan - ok 12:10:09.0124 2396 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 12:10:09.0124 2396 NDProxy - ok 12:10:09.0156 2396 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 12:10:09.0156 2396 NetBIOS - ok 12:10:09.0202 2396 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 12:10:09.0202 2396 NetBT - ok 12:10:09.0249 2396 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 12:10:09.0265 2396 nfrd960 - ok 12:10:09.0280 2396 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 12:10:09.0280 2396 Npfs - ok 12:10:09.0296 2396 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 12:10:09.0296 2396 nsiproxy - ok 12:10:09.0390 2396 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 12:10:09.0421 2396 Ntfs - ok 12:10:09.0468 2396 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys 12:10:09.0468 2396 NTIDrvr - ok 12:10:09.0499 2396 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 12:10:09.0499 2396 Null - ok 12:10:09.0530 2396 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 12:10:09.0546 2396 nvraid - ok 12:10:09.0561 2396 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 12:10:09.0561 2396 nvstor - ok 12:10:09.0608 2396 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 12:10:09.0608 2396 nv_agp - ok 12:10:09.0670 2396 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 12:10:09.0670 2396 ohci1394 - ok 12:10:09.0717 2396 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 12:10:09.0717 2396 Parport - ok 12:10:09.0764 2396 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 12:10:09.0764 2396 partmgr - ok 12:10:09.0811 2396 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 12:10:09.0826 2396 pccsmcfd - ok 12:10:09.0873 2396 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 12:10:09.0873 2396 pci - ok 12:10:09.0920 2396 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 12:10:09.0920 2396 pciide - ok 12:10:09.0967 2396 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 12:10:09.0967 2396 pcmcia - ok 12:10:09.0982 2396 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 12:10:09.0982 2396 pcw - ok 12:10:10.0014 2396 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 12:10:10.0014 2396 PEAUTH - ok 12:10:10.0107 2396 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 12:10:10.0107 2396 PptpMiniport - ok 12:10:10.0138 2396 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 12:10:10.0138 2396 Processor - ok 12:10:10.0185 2396 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 12:10:10.0201 2396 Psched - ok 12:10:10.0263 2396 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 12:10:10.0294 2396 ql2300 - ok 12:10:10.0294 2396 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 12:10:10.0310 2396 ql40xx - ok 12:10:10.0326 2396 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 12:10:10.0326 2396 QWAVEdrv - ok 12:10:10.0341 2396 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 12:10:10.0341 2396 RasAcd - ok 12:10:10.0372 2396 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 12:10:10.0372 2396 RasAgileVpn - ok 12:10:10.0419 2396 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 12:10:10.0419 2396 Rasl2tp - ok 12:10:10.0450 2396 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 12:10:10.0450 2396 RasPppoe - ok 12:10:10.0466 2396 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 12:10:10.0466 2396 RasSstp - ok 12:10:10.0513 2396 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 12:10:10.0513 2396 rdbss - ok 12:10:10.0560 2396 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 12:10:10.0560 2396 rdpbus - ok 12:10:10.0575 2396 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 12:10:10.0575 2396 RDPCDD - ok 12:10:10.0591 2396 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 12:10:10.0591 2396 RDPENCDD - ok 12:10:10.0606 2396 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 12:10:10.0606 2396 RDPREFMP - ok 12:10:10.0653 2396 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 12:10:10.0653 2396 RDPWD - ok 12:10:10.0700 2396 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 12:10:10.0700 2396 rdyboost - ok 12:10:10.0762 2396 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 12:10:10.0762 2396 rspndr - ok 12:10:10.0794 2396 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 12:10:10.0794 2396 sbp2port - ok 12:10:10.0825 2396 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 12:10:10.0840 2396 scfilter - ok 12:10:10.0872 2396 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 12:10:10.0872 2396 secdrv - ok 12:10:10.0903 2396 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 12:10:10.0903 2396 Serenum - ok 12:10:10.0918 2396 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 12:10:10.0918 2396 Serial - ok 12:10:10.0965 2396 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 12:10:10.0965 2396 sermouse - ok 12:10:11.0028 2396 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 12:10:11.0028 2396 sffdisk - ok 12:10:11.0059 2396 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 12:10:11.0059 2396 sffp_mmc - ok 12:10:11.0074 2396 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 12:10:11.0090 2396 sffp_sd - ok 12:10:11.0121 2396 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 12:10:11.0121 2396 sfloppy - ok 12:10:11.0137 2396 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 12:10:11.0152 2396 SiSRaid2 - ok 12:10:11.0152 2396 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 12:10:11.0168 2396 SiSRaid4 - ok 12:10:11.0168 2396 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 12:10:11.0184 2396 Smb - ok 12:10:11.0199 2396 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 12:10:11.0199 2396 spldr - ok 12:10:11.0277 2396 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 12:10:11.0277 2396 srv - ok 12:10:11.0340 2396 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 12:10:11.0340 2396 srv2 - ok 12:10:11.0371 2396 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 12:10:11.0371 2396 srvnet - ok 12:10:11.0418 2396 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 12:10:11.0418 2396 stexstor - ok 12:10:11.0480 2396 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 12:10:11.0480 2396 swenum - ok 12:10:11.0589 2396 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 12:10:11.0605 2396 Tcpip - ok 12:10:11.0683 2396 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 12:10:11.0714 2396 TCPIP6 - ok 12:10:11.0761 2396 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 12:10:11.0761 2396 tcpipreg - ok 12:10:11.0792 2396 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 12:10:11.0792 2396 TDPIPE - ok 12:10:11.0808 2396 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 12:10:11.0808 2396 TDTCP - ok 12:10:11.0870 2396 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 12:10:11.0870 2396 tdx - ok 12:10:11.0917 2396 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 12:10:11.0917 2396 TermDD - ok 12:10:11.0932 2396 TFsExDisk - ok 12:10:12.0010 2396 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 12:10:12.0010 2396 tssecsrv - ok 12:10:12.0042 2396 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 12:10:12.0057 2396 TsUsbFlt - ok 12:10:12.0088 2396 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 12:10:12.0088 2396 tunnel - ok 12:10:12.0135 2396 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 12:10:12.0135 2396 uagp35 - ok 12:10:12.0166 2396 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys 12:10:12.0166 2396 UBHelper - ok 12:10:12.0213 2396 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 12:10:12.0213 2396 udfs - ok 12:10:12.0276 2396 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 12:10:12.0276 2396 uliagpkx - ok 12:10:12.0322 2396 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 12:10:12.0322 2396 umbus - ok 12:10:12.0354 2396 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 12:10:12.0354 2396 UmPass - ok 12:10:12.0400 2396 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 12:10:12.0400 2396 usbccgp - ok 12:10:12.0447 2396 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 12:10:12.0447 2396 usbcir - ok 12:10:12.0478 2396 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 12:10:12.0478 2396 usbehci - ok 12:10:12.0541 2396 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 12:10:12.0541 2396 usbhub - ok 12:10:12.0572 2396 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 12:10:12.0572 2396 usbohci - ok 12:10:12.0603 2396 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 12:10:12.0603 2396 usbprint - ok 12:10:12.0650 2396 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:10:12.0650 2396 USBSTOR - ok 12:10:12.0681 2396 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 12:10:12.0681 2396 usbuhci - ok 12:10:12.0728 2396 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 12:10:12.0728 2396 usbvideo - ok 12:10:12.0775 2396 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 12:10:12.0775 2396 vdrvroot - ok 12:10:12.0822 2396 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 12:10:12.0822 2396 vga - ok 12:10:12.0837 2396 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 12:10:12.0837 2396 VgaSave - ok 12:10:12.0868 2396 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 12:10:12.0884 2396 vhdmp - ok 12:10:12.0915 2396 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 12:10:12.0915 2396 viaide - ok 12:10:12.0946 2396 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 12:10:12.0946 2396 volmgr - ok 12:10:12.0993 2396 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 12:10:12.0993 2396 volmgrx - ok 12:10:13.0040 2396 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 12:10:13.0040 2396 volsnap - ok 12:10:13.0071 2396 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 12:10:13.0071 2396 vsmraid - ok 12:10:13.0087 2396 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 12:10:13.0102 2396 vwifibus - ok 12:10:13.0118 2396 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 12:10:13.0118 2396 vwififlt - ok 12:10:13.0134 2396 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 12:10:13.0134 2396 vwifimp - ok 12:10:13.0149 2396 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 12:10:13.0149 2396 WacomPen - ok 12:10:13.0180 2396 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:10:13.0196 2396 WANARP - ok 12:10:13.0196 2396 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:10:13.0196 2396 Wanarpv6 - ok 12:10:13.0227 2396 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 12:10:13.0227 2396 Wd - ok 12:10:13.0258 2396 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 12:10:13.0258 2396 Wdf01000 - ok 12:10:13.0290 2396 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 12:10:13.0290 2396 WfpLwf - ok 12:10:13.0305 2396 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 12:10:13.0305 2396 WIMMount - ok 12:10:13.0368 2396 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 12:10:13.0368 2396 WinUsb - ok 12:10:13.0414 2396 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 12:10:13.0414 2396 WmiAcpi - ok 12:10:13.0477 2396 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 12:10:13.0477 2396 ws2ifsl - ok 12:10:13.0539 2396 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 12:10:13.0539 2396 WudfPf - ok 12:10:13.0555 2396 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 12:10:13.0555 2396 WUDFRd - ok 12:10:13.0602 2396 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 12:10:13.0664 2396 \Device\Harddisk0\DR0 - ok 12:10:13.0664 2396 Boot (0x1200) (d6112fdf5cea1ab7be6c032e4a377fd4) \Device\Harddisk0\DR0\Partition0 12:10:13.0664 2396 \Device\Harddisk0\DR0\Partition0 - ok 12:10:13.0680 2396 Boot (0x1200) (ba513c544e4cc98b5b1b026da215884d) \Device\Harddisk0\DR0\Partition1 12:10:13.0680 2396 \Device\Harddisk0\DR0\Partition1 - ok 12:10:13.0680 2396 ============================================================ 12:10:13.0680 2396 Scan finished 12:10:13.0680 2396 ============================================================ 12:10:13.0695 4164 Detected object count: 0 12:10:13.0695 4164 Actual detected object count: 0
- 23 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

ik krijg dezelfde foutmelding als ik hijack log wil maken zoals de printscreen die ik hier had geplaatst
- 22 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

ik heb nu alle programma's verwijdert en logs dus zullen we van 0 beginnen??
- 22 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

dat meen je niet kan ik me laptop ook helemaal resetten ??
- 22 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

dit is Combofix.txt ComboFix 12-01-21.02 - Manuela 22-01-2012 14:31:52.2.2 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2605 [GMT 1:00] Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))) . . 2012-01-22 13:39 . 2012-01-22 13:39 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-21 20:41 . 2012-01-21 20:41 -------- d-----w- C:\rsit 2012-01-21 20:14 . 2012-01-21 20:41 -------- d-----w- c:\program files (x86)\Trend Micro 2012-01-21 20:14 . 2012-01-21 20:14 388096 ----a-r- c:\users\Manuela\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-01-21 14:34 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\MSN Toolbar 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\Bing Bar Installer 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP 2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP 2012-01-21 14:05 . 2012-01-21 14:05 -------- d-----w- c:\users\Manuela\AppData\Local\HP 2012-01-20 18:19 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4096987-0472-4514-A490-B47187953B58}\mpengine.dll 2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics 2012-01-14 13:10 . 2012-01-14 13:10 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware 2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc 2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll 2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp 2012-01-13 14:42 . 2012-01-13 14:42 237 ----a-w- C:\user.js 2012-01-13 14:42 . 2012-01-13 14:48 -------- d-----w- c:\program files (x86)\BrowserCompanion 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Local\Babylon 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Roaming\Babylon 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\programdata\Babylon 2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium 2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate 2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp 2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps 2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice 2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll 2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll 2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll 2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll 2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll 2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll 2011-12-23 19:41 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-23 19:39 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys 2011-12-23 19:39 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll 2011-12-23 19:39 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll 2011-12-23 19:39 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll 2011-12-23 19:39 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-01-22_12.11.55 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-01-22 13:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-01-22 13:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-01-22 12:09 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-01-22 13:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-02-12 16:09 . 2012-01-22 14:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-02-12 16:09 . 2012-01-22 14:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-01-22 13:40 . 2012-01-22 13:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-01-22 13:40 . 2012-01-22 13:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-02-12 16:44 . 2012-01-22 14:19 232744 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2009-07-14 05:01 . 2012-01-22 13:40 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-01-22 12:08 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Browser companion helper"="c:\program files (x86)\BrowserCompanion\BCHelper.exe" [2011-12-16 187696] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-22 c:\windows\Tasks\HP Photo Creations Communicator.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29] . 2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job - c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584] "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216] . ------- Bijkomende Scan ------- . uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101241&mntrId=a43664880000000000005cac4c691c22 uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893 mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe . ************************************************************************** . Voltooingstijd: 2012-01-22 15:27:19 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-22 14:27 ComboFix2.txt 2012-01-22 12:23 . Pre-Run: 435.269.664.768 bytes beschikbaar Post-Run: 434.957.684.736 bytes beschikbaar . - - End Of File - - 9B9142C95897DA7AB7C4A08A0073A7E3 dit is nieuw logje van RSIT Logfile of random's system information tool 1.09 (written by random/random) Run by Manuela at 2012-01-22 15:33:08 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 415 GB (90%) free of 463 GB Total RAM: 3956 MB (66% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:33:47, on 22-1-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Users\Manuela\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Manuela.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10957 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job C:\Windows\tasks\HP Photo Creations Communicator.job C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512] "EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] "Browser companion helper"=C:\Program Files (x86)\BrowserCompanion\BCHelper.exe [2011-12-16 187696] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208] "Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] "AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2010-11-20 229376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.siren"=sirenacm.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2012-01-22 15:29:07 ----SHD---- C:\$RECYCLE.BIN 2012-01-22 15:27:22 ----A---- C:\ComboFix.txt 2012-01-22 12:57:11 ----A---- C:\Windows\zip.exe 2012-01-22 12:57:11 ----A---- C:\Windows\SWSC.exe 2012-01-22 12:57:11 ----A---- C:\Windows\SWREG.exe 2012-01-22 12:57:11 ----A---- C:\Windows\sed.exe 2012-01-22 12:57:11 ----A---- C:\Windows\PEV.exe 2012-01-22 12:57:11 ----A---- C:\Windows\NIRCMD.exe 2012-01-22 12:57:11 ----A---- C:\Windows\MBR.exe 2012-01-22 12:57:11 ----A---- C:\Windows\grep.exe 2012-01-22 12:57:02 ----D---- C:\Windows\ERDNT 2012-01-22 12:56:56 ----D---- C:\Qoobox 2012-01-21 21:41:39 ----D---- C:\rsit 2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro 2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes 2012-01-21 15:34:47 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-01-21 15:07:34 ----D---- C:\Program Files (x86)\MSN Toolbar 2012-01-21 15:07:25 ----D---- C:\Program Files (x86)\Bing Bar Installer 2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations 2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations 2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 15:06:55 ----D---- C:\ProgramData\HP 2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP 2012-01-14 14:10:36 ----D---- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll 2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll 2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp 2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx 2012-01-13 15:42:06 ----A---- C:\user.js 2012-01-13 15:42:00 ----D---- C:\Program Files (x86)\BrowserCompanion 2012-01-13 15:41:57 ----D---- C:\Users\Manuela\AppData\Roaming\Babylon 2012-01-13 15:41:57 ----D---- C:\ProgramData\Babylon 2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium 2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate 2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp 2012-01-12 21:25:50 ----D---- C:\ProgramData\hps 2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll 2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll 2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll 2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll 2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\wininet.dll 2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\mshtml.dll 2011-12-23 20:40:48 ----A---- C:\Windows\SysWOW64\ieframe.dll 2011-12-23 20:40:46 ----A---- C:\Windows\SysWOW64\urlmon.dll 2011-12-23 20:40:42 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\ieui.dll 2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\iertutil.dll 2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2011-12-23 20:40:39 ----A---- C:\Windows\SysWOW64\url.dll 2011-12-23 20:39:17 ----A---- C:\Windows\SysWOW64\EncDec.dll 2011-12-23 20:39:12 ----A---- C:\Windows\SysWOW64\tzres.dll ======List of files/folders modified in the last 1 month====== 2012-01-22 15:31:39 ----D---- C:\Windows\Temp 2012-01-22 15:30:47 ----A---- C:\Windows\SysWOW64\log.txt 2012-01-22 15:20:13 ----D---- C:\Windows 2012-01-22 15:20:13 ----A---- C:\Windows\system.ini 2012-01-22 14:35:50 ----D---- C:\Windows\SysWOW64\drivers 2012-01-22 14:35:50 ----D---- C:\Windows\SysWOW64 2012-01-22 14:35:50 ----D---- C:\Windows\System32 2012-01-22 14:35:50 ----D---- C:\Windows\AppPatch 2012-01-22 14:35:46 ----D---- C:\Program Files (x86)\Common Files 2012-01-22 13:07:45 ----D---- C:\ProgramData 2012-01-21 21:14:02 ----SHD---- C:\Windows\Installer 2012-01-21 21:14:01 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft 2012-01-21 21:14:01 ----RD---- C:\Program Files (x86) 2012-01-21 20:54:31 ----SHD---- C:\System Volume Information 2012-01-21 15:29:55 ----D---- C:\Windows\Tasks 2012-01-21 15:06:49 ----D---- C:\Windows\inf 2012-01-21 15:06:32 ----D---- C:\Windows\twain_32 2012-01-21 15:06:07 ----RD---- C:\Program Files 2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET 2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly 2012-01-21 10:36:44 ----D---- C:\Windows\winsxs 2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX 2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX 2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX 2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google 2012-01-13 15:46:44 ----SD---- C:\ProgramData\Microsoft 2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft 2012-01-12 22:02:18 ----D---- C:\Windows\ehome 2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help 2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration 2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US 2011-12-24 01:26:59 ----D---- C:\Program Files (x86)\PokerStars 2011-12-24 00:54:07 ----D---- C:\Program Files (x86)\Common Files\Steam ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] -----------------EOF-----------------
- 22 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

ComboFix 12-01-21.02 - Manuela 22-01-2012 12:59:17.1.2 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2421 [GMT 1:00] Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\FullRemove.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))) . . 2012-01-22 12:08 . 2012-01-22 12:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-21 20:41 . 2012-01-21 20:41 -------- d-----w- C:\rsit 2012-01-21 20:14 . 2012-01-21 20:41 -------- d-----w- c:\program files (x86)\Trend Micro 2012-01-21 20:14 . 2012-01-21 20:14 388096 ----a-r- c:\users\Manuela\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes 2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-01-21 14:34 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\MSN Toolbar 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\Bing Bar Installer 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations 2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP 2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP 2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP 2012-01-21 14:05 . 2012-01-21 14:05 -------- d-----w- c:\users\Manuela\AppData\Local\HP 2012-01-20 18:19 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4096987-0472-4514-A490-B47187953B58}\mpengine.dll 2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics 2012-01-14 13:10 . 2012-01-14 13:10 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware 2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc 2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll 2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp 2012-01-13 14:42 . 2012-01-13 14:42 237 ----a-w- C:\user.js 2012-01-13 14:42 . 2012-01-13 14:48 -------- d-----w- c:\program files (x86)\BrowserCompanion 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Local\Babylon 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Roaming\Babylon 2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\programdata\Babylon 2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium 2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate 2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp 2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps 2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice 2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll 2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll 2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll 2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll 2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll 2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll 2011-12-23 19:41 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-23 19:39 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys 2011-12-23 19:39 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll 2011-12-23 19:39 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll 2011-12-23 19:39 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll 2011-12-23 19:39 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Browser companion helper"="c:\program files (x86)\BrowserCompanion\BCHelper.exe" [2011-12-16 187696] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job - c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12] . 2012-01-22 c:\windows\Tasks\HP Photo Creations Communicator.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29] . 2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job - c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584] "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Bijkomende Scan ------- . uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101241&mntrId=a43664880000000000005cac4c691c22 uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893 mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-NPSStartup - (no file) Toolbar-Locked - (no file) WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe AddRemove-{3E29EE6C-963A-4aae-86C1-DC237C4A49FC} - c:\program files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe . ************************************************************************** . Voltooingstijd: 2012-01-22 13:23:09 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-22 12:23 . Pre-Run: 435.029.532.672 bytes beschikbaar Post-Run: 435.219.738.624 bytes beschikbaar . - - End Of File - - 21C5C13E0F883D8C4B9CA22096AA9153
- 22 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

dit is log Logfile of random's system information tool 1.09 (written by random/random)Run by Manuela at 2012-01-21 21:41:39 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 414 GB (89%) free of 463 GB Total RAM: 3956 MB (53% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:41:44, on 21-1-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Users\Manuela\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Manuela.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12297 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job C:\Windows\tasks\HP Photo Creations Communicator.job C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512] "EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552] "NPSStartup"= [] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] "Browser companion helper"=C:\Program Files (x86)\BrowserCompanion\BCHelper.exe [2011-12-16 187696] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208] ""= [] "Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2011-04-10 3872080] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] "AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400] "Google Update"=C:\Users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 136176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.siren"=sirenacm.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-01-21 21:41:39 ----D---- C:\rsit 2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro 2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes 2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes 2012-01-21 15:34:47 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-01-21 15:07:34 ----D---- C:\Program Files (x86)\MSN Toolbar 2012-01-21 15:07:25 ----D---- C:\Program Files (x86)\Bing Bar Installer 2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations 2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations 2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate 2012-01-21 15:06:55 ----D---- C:\ProgramData\HP 2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP 2012-01-14 14:10:36 ----D---- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll 2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll 2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll 2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll 2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll 2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll 2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll 2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll 2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll 2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll 2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll 2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll 2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll 2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll 2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll 2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll 2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll 2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll 2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll 2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll 2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll 2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll 2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll 2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll 2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll 2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll 2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll 2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll 2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll 2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll 2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll 2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll 2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll 2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll 2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll 2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll 2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll 2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp 2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx 2012-01-13 15:42:06 ----A---- C:\user.js 2012-01-13 15:42:00 ----D---- C:\Program Files (x86)\BrowserCompanion 2012-01-13 15:41:57 ----D---- C:\Users\Manuela\AppData\Roaming\Babylon 2012-01-13 15:41:57 ----D---- C:\ProgramData\Babylon 2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium 2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate 2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp 2012-01-12 21:25:50 ----D---- C:\ProgramData\hps 2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll 2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll 2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll 2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll 2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll 2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\wininet.dll 2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\mshtml.dll 2011-12-23 20:40:48 ----A---- C:\Windows\SysWOW64\ieframe.dll 2011-12-23 20:40:46 ----A---- C:\Windows\SysWOW64\urlmon.dll 2011-12-23 20:40:42 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\ieui.dll 2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\iertutil.dll 2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2011-12-23 20:40:39 ----A---- C:\Windows\SysWOW64\url.dll 2011-12-23 20:39:17 ----A---- C:\Windows\SysWOW64\EncDec.dll 2011-12-23 20:39:12 ----A---- C:\Windows\SysWOW64\tzres.dll ======List of files/folders modified in the last 1 month====== 2012-01-21 21:41:43 ----D---- C:\Windows\Temp 2012-01-21 21:14:02 ----SHD---- C:\Windows\Installer 2012-01-21 21:14:01 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft 2012-01-21 21:14:01 ----RD---- C:\Program Files (x86) 2012-01-21 20:54:31 ----SHD---- C:\System Volume Information 2012-01-21 17:40:13 ----A---- C:\Windows\SysWOW64\log.txt 2012-01-21 15:34:49 ----HD---- C:\ProgramData 2012-01-21 15:29:55 ----D---- C:\Windows\Tasks 2012-01-21 15:06:49 ----D---- C:\Windows\inf 2012-01-21 15:06:32 ----D---- C:\Windows\twain_32 2012-01-21 15:06:07 ----RD---- C:\Program Files 2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET 2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly 2012-01-21 10:36:44 ----D---- C:\Windows\winsxs 2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX 2012-01-21 02:47:11 ----D---- C:\Program Files (x86)\Common Files 2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX 2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-01-21 02:46:53 ----D---- C:\Windows\SysWOW64 2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX 2012-01-13 16:55:44 ----D---- C:\Windows\System32 2012-01-13 16:49:04 ----D---- C:\Windows 2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google 2012-01-13 15:46:44 ----SD---- C:\ProgramData\Microsoft 2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft 2012-01-13 15:31:29 ----D---- C:\Windows\SysWOW64\drivers 2012-01-12 22:02:18 ----D---- C:\Windows\ehome 2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help 2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration 2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR 2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US 2011-12-24 01:26:59 ----D---- C:\Program Files (x86)\PokerStars 2011-12-24 00:54:07 ----D---- C:\Program Files (x86)\Common Files\Steam ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] -----------------EOF----------------- dit is info info.txt logfile of random's system information tool 1.09 2012-01-21 21:41:46 ======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} -->"C:\Program Files (x86)\InstallShield Installation Information\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\setup.exe" -runfromtemp -l0x0413 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly -->C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409 Acer Crystal Eye webcam-->MsiExec.exe /I{51F026FA-5146-4232-A8BA-1364740BD053} Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x413 -removeonly Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x413 -removeonly Acer GameZone Console-->"C:\Program Files (x86)\Acer GameZone\GameConsole\unins000.exe" Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x413 -removeonly Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe -maintain plugin Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001} Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}\setup.exe -runfromtemp Amazonia-->"C:\Program Files (x86)\Acer GameZone\Amazonia\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Amazonia\install.log" avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup Backup Manager Basic-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409 Bing Bar Platform-->MsiExec.exe /I{623B8278-8CAD-45C1-B844-58B687C07805} Bing Bar-->C:\Program Files (x86)\Bing Bar Installer\InstallManager.exe /UNINSTALL Cake Mania-->"C:\Program Files (x86)\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Cake Mania\install.log" Catalyst Control Center - Branding-->MsiExec.exe /I{4BCBC4D0-1D88-462D-809E-506F34EA11C0} Chicken Invaders 2-->"C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\install.log" CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\Setup.exe" /z-uninstall CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\Setup.exe" /z-uninstall Dairy Dash-->"C:\Program Files (x86)\Acer GameZone\Dairy Dash\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dairy Dash\install.log" Dream Day First Home-->"C:\Program Files (x86)\Acer GameZone\Dream Day First Home\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dream Day First Home\install.log" eSobi v2-->C:\Program Files (x86)\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409 Farm Frenzy 2-->"C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log" Galapago-->"C:\Program Files (x86)\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Galapago\install.log" Granny In Paradise-->"C:\Program Files (x86)\Acer GameZone\Granny In Paradise\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Granny In Paradise\install.log" Heroes of Hellas-->"C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\install.log" HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} HP Deskjet 2050 J510 series Haelp-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F} HP Photo Creations-->C:\Program Files (x86)\HP Photo Creations\uninst.exe HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE} Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe Intel® Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF} Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI Malwarebytes Anti-Malware versie 1.60.0.1800-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Default Manager-->MsiExec.exe /X{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE} Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE} Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{928B06E4-DDAA-476A-926A-641620326327} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MyWinLocker Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}\setup.exe" -runfromtemp -l0x0413 -removeonly MyWinLocker Suite-->MsiExec.exe /X{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE} MyWinLocker-->MsiExec.exe /X{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768} NTI Backup Now 5-->C:\Program Files (x86)\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0409 NTI Media Maker 8-->C:\Program Files (x86)\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0409 PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930} Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Samsung New PC Studio-->"C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0413 -removeonly Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A} SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25} Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263} Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B} Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE} Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A} Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060} Security Update for Microsoft Office Groove 2007 (KB2552997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A1CBF7D-4704-40BC-B31C-AA761884A3E4} Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A} Spin & Win-->"C:\Program Files (x86)\Acer GameZone\Spin & Win\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Spin & Win\install.log" Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42} Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202} Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48202D27-A6D4-4264-A184-51A6E8AD7C40} Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF} Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987} Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF} Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9} Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63} Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245} Update for Microsoft Office Outlook 2007 (KB2583910)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BDC21583-5601-4B2B-88F3-7919F6DE8FB1} Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784} Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876} Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F} Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C} Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726} Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live aanmeldhulp-->MsiExec.exe /I{1BD6AE96-4742-4498-9D03-9451C7E5A214} Windows Live Call-->MsiExec.exe /I{C20C2630-B3A7-44BA-BDD0-31E256AE490E} Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3} Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F} Windows Live Messenger-->MsiExec.exe /X{CC38A00D-7EED-46CE-9281-D1D97B81F22A} Windows Live Sync-->MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D} ======System event log====== Computer Name: Manuela-PC Event Code: 62464 Message: UVD Information Record Number: 70928 Source Name: amdkmdag Time Written: 20110506141850.066209-000 Event Type: Informatie User: Computer Name: Manuela-PC Event Code: 62464 Message: UVD Information Record Number: 70927 Source Name: amdkmdag Time Written: 20110506141850.066209-000 Event Type: Informatie User: Computer Name: Manuela-PC Event Code: 62464 Message: UVD Information Record Number: 70926 Source Name: amdkmdag Time Written: 20110506141850.066209-000 Event Type: Informatie User: Computer Name: Manuela-PC Event Code: 62464 Message: UVD Information Record Number: 70925 Source Name: amdkmdag Time Written: 20110506141850.066209-000 Event Type: Informatie User: Computer Name: Manuela-PC Event Code: 62464 Message: UVD Information Record Number: 70924 Source Name: amdkmdag Time Written: 20110506141850.066209-000 Event Type: Informatie User: =====Application event log===== Computer Name: WIN-AFD5UUK3K8B Event Code: 6000 Message: De kennisgevingssubscriber van winlogon <SessionEnv> was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken. Record Number: 288 Source Name: Microsoft-Windows-Winlogon Time Written: 20100916105401.000000-000 Event Type: Informatie User: Computer Name: WIN-AFD5UUK3K8B Event Code: 9009 Message: Beheer van bureaubladvensters is afgesloten met code 0x40010004 Record Number: 287 Source Name: Desktop Window Manager Time Written: 20100916105401.000000-000 Event Type: Informatie User: Computer Name: WIN-AFD5UUK3K8B Event Code: 1003 Message: De Windows Search-service is gestart. Record Number: 286 Source Name: Microsoft-Windows-Search Time Written: 20100916105247.000000-000 Event Type: Informatie User: Computer Name: WIN-AFD5UUK3K8B Event Code: 1013 Message: De Windows Search-service is normaal gestopt. Record Number: 285 Source Name: Microsoft-Windows-Search Time Written: 20100916105246.000000-000 Event Type: Informatie User: Computer Name: WIN-AFD5UUK3K8B Event Code: 103 Message: Windows (2616) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet. Record Number: 284 Source Name: ESENT Time Written: 20100916105246.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: WIN-AFD5UUK3K8B Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: WIN-AFD5UUK3K8B$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x25c Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 86 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100916105248.596585-000 Event Type: Controle geslaagd User: Computer Name: WIN-AFD5UUK3K8B Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 85 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100916105247.114582-000 Event Type: Controle geslaagd User: Computer Name: WIN-AFD5UUK3K8B Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: WIN-AFD5UUK3K8B$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x25c Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 84 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100916105247.114582-000 Event Type: Controle geslaagd User: Computer Name: WIN-AFD5UUK3K8B Event Code: 4738 Message: Er is een gebruikersaccount gewijzigd. Onderwerp: Beveiligings-id: S-1-5-21-1300219434-4275829345-324095623-500 Accountnaam: Administrator Accountdomein: WIN-AFD5UUK3K8B Aanmeldings-id: 0x4b1f5 Doelaccount: Beveiligings-id: S-1-5-21-1300219434-4275829345-324095623-500 Accountnaam: Administrator Accountdomein: WIN-AFD5UUK3K8B Gewijzigde kenmerken: SAM-accountnaam: - Weergavenaam: - Principal-naam van gebruiker: - Basismap: - Basisstation: - Pad naar script: - Pad naar profiel: - Gebruikerswerkstations: - Wachtwoord voor het laatst ingesteld: - Account verloopt op: - Primaire groeps-id: - Mag overdragen aan: - Oude UAC-waarde: 0x211 Nieuwe UAC-waarde: 0x211 Gebruikersaccountbeheer: - Gebruikersparameters: - SID-geschiedenis: - Aantal uren aangemeld: - Aanvullende gegevens: Bevoegdheden: - Record Number: 83 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100916105245.788580-000 Event Type: Controle geslaagd User: Computer Name: WIN-AFD5UUK3K8B Event Code: 1102 Message: Het controlelogboek is gewist. Onderwerp: Beveiligings-id: S-1-5-21-1300219434-4275829345-324095623-500 Accountnaam: Administrator Domeinnaam: WIN-AFD5UUK3K8B Aanmeldings-id: 0x4b1f5 Record Number: 82 Source Name: Microsoft-Windows-Eventlog Time Written: 20100916105243.510976-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\EgisTec MyWinLocker\x86;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=2505 "Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\; -----------------EOF-----------------
- 21 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

echt vreemd is hulp op afstand een betere oplossing??
- 21 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

dat heeft wel wat geholpen ik krijg geen foutmelding meer maar hij blijft de oude log openen
- 21 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

heb ik gedaan maar ik krijg nog steeds hetzelfde foutmelding
- 21 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

Dit staat er precies in de foutmelding: Kan het bestand C:\Program Files (x86)\Trend Micro\HijackThis\hijackthus.log niet vinden. Wilt u een nieuw bestand maken? Ja Nee Annuleren
- 21 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

ik krijg deze foutmelding als ik een nieuwe log wil opslaan
- 21 januari 2012
- 47 antwoorden
Hijack logje Sqlite3.dll

youssie070 reageerde op youssie070's topic in Archief Bestrijding malware & virussen

heej bedankt heb precies gedaan wat je vroeg als het goed is heb ik allebei de logs als bijlage toegevoegd in deze reactie hijackthis1.txt mbam-log-2012-01-21 (15-35-57).txt
- 21 januari 2012
- 47 antwoorden
youtube pagina te groot

youssie070 reageerde op tmaraax's topic in Archief Internet & Netwerk

of je ctrl knop en - knop tegelijk indrukken
- 21 januari 2012
- 2 antwoorden
Hoe kan ik mijn antivirus testen?

youssie070 reageerde op kape's topic in Beveiliging & Privacy

Avast reageerde ook meteen top
- 21 januari 2012
- 137 antwoorden
Hijack logje Sqlite3.dll

youssie070 plaatste een topic in Archief Bestrijding malware & virussen

Hallo dit is mij logje van hijack ik hoop dat iemand mij kan helpenxD alvast bedankt groeten Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:42:38, on 21-1-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe" /c O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11453 bytes hijackthis.log
- 21 januari 2012
- 47 antwoorden

Inloggen

youssie070

Items

Registratiedatum

Laatst bezocht

Inhoudstype

Profielen

Forums

Store

Alles dat geplaatst werd door youssie070

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

Hijack logje Sqlite3.dll

youtube pagina te groot

Hoe kan ik mijn antivirus testen?

Hijack logje Sqlite3.dll

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie