Posts made by youssie070
Logfile of random's system information tool 1.09 (written by random/random)
Run by Manuela at 2012-01-24 14:29:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 416 GB (90%) free of 463 GB
Total RAM: 3956 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:29:03, on 24-1-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Manuela.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9802 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
C:\Windows\tasks\HP Photo Creations Communicator.job
C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2010-11-20 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-24 14:24:27 ----SHD---- C:\$RECYCLE.BIN
2012-01-24 14:23:19 ----A---- C:\ComboFix.txt
2012-01-24 12:52:25 ----A---- C:\Windows\NIRCMD.exe
2012-01-23 12:09:38 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.09.38_log.txt
2012-01-23 12:08:36 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.08.36_log.txt
2012-01-23 12:06:28 ----D---- C:\Users\Manuela\AppData\Roaming\WinRAR
2012-01-23 12:06:19 ----D---- C:\Program Files (x86)\WinRAR
2012-01-22 12:57:11 ----A---- C:\Windows\zip.exe
2012-01-22 12:57:11 ----A---- C:\Windows\SWSC.exe
2012-01-22 12:57:11 ----A---- C:\Windows\SWREG.exe
2012-01-22 12:57:11 ----A---- C:\Windows\sed.exe
2012-01-22 12:57:11 ----A---- C:\Windows\PEV.exe
2012-01-22 12:57:11 ----A---- C:\Windows\MBR.exe
2012-01-22 12:57:11 ----A---- C:\Windows\grep.exe
2012-01-22 12:57:02 ----D---- C:\Windows\ERDNT
2012-01-22 12:56:56 ----D---- C:\Qoobox
2012-01-21 21:41:39 ----D---- C:\rsit
2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes
2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations
2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations
2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 15:06:55 ----D---- C:\ProgramData\HP
2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP
2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp
2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx
2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium
2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate
2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp
2012-01-12 21:25:50 ----D---- C:\ProgramData\hps
2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll
2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll
======List of files/folders modified in the last 1 month======
2012-01-24 14:29:02 ----D---- C:\Windows\Temp
2012-01-24 14:15:39 ----D---- C:\Windows
2012-01-24 14:15:39 ----A---- C:\Windows\system.ini
2012-01-24 14:13:48 ----A---- C:\Windows\SysWOW64\log.txt
2012-01-24 14:11:53 ----RD---- C:\Program Files (x86)
2012-01-24 14:11:53 ----D---- C:\ProgramData
2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64\drivers
2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64
2012-01-24 14:08:00 ----D---- C:\Windows\System32
2012-01-24 14:08:00 ----D---- C:\Windows\AppPatch
2012-01-24 14:07:56 ----D---- C:\Program Files (x86)\Common Files
2012-01-24 12:51:27 ----SHD---- C:\System Volume Information
2012-01-23 20:45:56 ----D---- C:\Windows\inf
2012-01-23 00:21:25 ----SD---- C:\ProgramData\Microsoft
2012-01-22 21:43:39 ----SHD---- C:\Windows\Installer
2012-01-22 21:43:38 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft
2012-01-22 20:18:34 ----D---- C:\Users\Manuela\AppData\Roaming\Liteon
2012-01-21 15:29:55 ----D---- C:\Windows\Tasks
2012-01-21 15:06:32 ----D---- C:\Windows\twain_32
2012-01-21 15:06:07 ----RD---- C:\Program Files
2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET
2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly
2012-01-21 10:36:44 ----D---- C:\Windows\winsxs
2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX
2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX
2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX
2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google
2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft
2012-01-12 22:02:18 ----D---- C:\Windows\ehome
2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help
2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration
2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
-----------------EOF-----------------
-
ComboFix 12-01-23.02 - Manuela 24-01-2012 14:04:43.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2532 [GMT 1:00]
Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Manuela\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"C:\user.js"
"c:\windows\msdownld.tmp"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\BCHelper.exe
c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.bitness.log
c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.data.log
c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.elements.log
c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.weight.log
c:\programdata\Babylon
C:\user.js
c:\users\Manuela\AppData\Local\Babylon
c:\users\Manuela\AppData\Local\Babylon\Setup\bab033.tbinst.dat
c:\users\Manuela\AppData\Local\Babylon\Setup\bab091.norecovericon.dat
c:\users\Manuela\AppData\Local\Babylon\Setup\Babylon.dat
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\common.js
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\eula.html
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2.css
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2.html
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2.js
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page2Lrg.css
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\page9.html
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\pBar.gif
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\title2.png
c:\users\Manuela\AppData\Local\Babylon\Setup\HtmlScreens\toolBar.jpg
c:\users\Manuela\AppData\Local\Babylon\Setup\Setup-tbmntr903-9.0.3.19.zpb
c:\users\Manuela\AppData\Local\Babylon\Setup\Setup.exe
c:\users\Manuela\AppData\Local\Babylon\Setup\SetupStrings.dat
c:\users\Manuela\AppData\Local\Babylon\Setup\sqlite3.dll
c:\users\Manuela\AppData\Local\Conduit
c:\users\Manuela\AppData\Roaming\Babylon
c:\users\Manuela\AppData\Roaming\Babylon\log_file.txt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-24 to 2012-01-24 ))))))))))))))))))))))))))))))
.
.
2012-01-24 13:12 . 2012-01-24 13:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-24 11:51 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ACC7CB0D-8D75-419D-930E-21CBF06D9683}\mpengine.dll
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP
2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP
2012-01-21 14:05 . 2012-01-22 23:17 -------- d-----w- c:\users\Manuela\AppData\Local\HP
2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics
2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware
2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc
2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll
2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp
2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium
2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate
2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp
2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps
2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice
2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-24 04:52 . 2011-12-23 19:39 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-05 05:41 . 2011-12-23 19:40 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-23 19:39 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-23 19:40 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-23 19:39 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-05 03:32 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-05 02:48 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-22_12.11.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-24 13:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-24 13:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-22 12:09 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-24 13:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-06 23:22 . 2012-01-24 13:16 60510 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-24 13:16 49596 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-12 16:07 . 2012-01-24 13:16 14790 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1300219434-4275829345-324095623-1000_UserData.bin
+ 2010-11-16 23:48 . 2010-11-16 23:48 42344 c:\windows\system32\spool\drivers\x64\3\hpvplui04.dll
+ 2009-07-14 05:30 . 2012-01-23 19:46 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-01-21 14:06 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 00:35 . 2009-07-14 00:35 41984 c:\windows\system32\drivers\usbscan.sys
+ 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-22 23:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-21 09:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-22 23:21 . 2012-01-24 12:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-22 23:21 . 2012-01-24 12:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-01-22 23:21 . 2012-01-24 12:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-12 16:09 . 2012-01-24 12:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-12 16:09 . 2012-01-24 12:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-22 23:20 . 2012-01-22 23:20 9560 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_48.bin
+ 2012-01-22 23:20 . 2012-01-22 23:20 4280 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_32.bin
+ 2012-01-22 23:20 . 2012-01-22 23:20 2456 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_24.bin
- 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-24 13:13 . 2012-01-24 13:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-24 13:13 . 2012-01-24 13:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-12 16:44 . 2012-01-23 19:06 234418 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2010-11-16 23:48 . 2010-11-16 23:48 220520 c:\windows\system32\spool\drivers\x64\3\hpvplres04.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 538472 c:\windows\system32\spool\drivers\x64\3\hpvpldrv04.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\spool\drivers\x64\3\hpinksts8711LM.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 306024 c:\windows\system32\spool\drivers\x64\3\hpinksts8711.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 518504 c:\windows\system32\spool\drivers\x64\3\hpfime51.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\hpinksts8711LM.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 274792 c:\windows\system32\hpinkcoi8711.dll
+ 2009-07-14 05:30 . 2012-01-23 19:46 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-01-21 14:06 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2012-01-22 23:21 . 2012-01-22 23:21 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-01-22 12:08 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-24 13:12 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-16 23:48 . 2010-11-16 23:48 2591080 c:\windows\system32\HPScanMiniDrv_DJ2050_510g.dll
+ 2012-01-22 20:42 . 2012-01-22 20:42 1402880 c:\windows\Installer\512acb.msi
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-24 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29]
.
2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-01-24 14:23:17 - machine werd herstart
ComboFix-quarantined-files.txt 2012-01-24 13:23
ComboFix2.txt 2012-01-24 12:15
ComboFix3.txt 2012-01-22 14:27
ComboFix4.txt 2012-01-22 12:23
.
Pre-Run: 435.864.850.432 bytes beschikbaar
Post-Run: 435.805.491.200 bytes beschikbaar
.
- - End Of File - - 5FFFD59B929A1FB6ABEB479A35AD2C73
---------- Post added at 14:30 ---------- Previous post was at 14:28 ----------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Manuela at 2012-01-24 14:29:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 416 GB (90%) free of 463 GB
Total RAM: 3956 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:29:03, on 24-1-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Manuela.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9802 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
C:\Windows\tasks\HP Photo Creations Communicator.job
C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2010-11-20 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-24 14:24:27 ----SHD---- C:\$RECYCLE.BIN
2012-01-24 14:23:19 ----A---- C:\ComboFix.txt
2012-01-24 12:52:25 ----A---- C:\Windows\NIRCMD.exe
2012-01-23 12:09:38 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.09.38_log.txt
2012-01-23 12:08:36 ----A---- C:\TDSSKiller.2.7.6.0_23.01.2012_12.08.36_log.txt
2012-01-23 12:06:28 ----D---- C:\Users\Manuela\AppData\Roaming\WinRAR
2012-01-23 12:06:19 ----D---- C:\Program Files (x86)\WinRAR
2012-01-22 12:57:11 ----A---- C:\Windows\zip.exe
2012-01-22 12:57:11 ----A---- C:\Windows\SWSC.exe
2012-01-22 12:57:11 ----A---- C:\Windows\SWREG.exe
2012-01-22 12:57:11 ----A---- C:\Windows\sed.exe
2012-01-22 12:57:11 ----A---- C:\Windows\PEV.exe
2012-01-22 12:57:11 ----A---- C:\Windows\MBR.exe
2012-01-22 12:57:11 ----A---- C:\Windows\grep.exe
2012-01-22 12:57:02 ----D---- C:\Windows\ERDNT
2012-01-22 12:56:56 ----D---- C:\Qoobox
2012-01-21 21:41:39 ----D---- C:\rsit
2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes
2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations
2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations
2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 15:06:55 ----D---- C:\ProgramData\HP
2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP
2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp
2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx
2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium
2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate
2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp
2012-01-12 21:25:50 ----D---- C:\ProgramData\hps
2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll
2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll
======List of files/folders modified in the last 1 month======
2012-01-24 14:29:02 ----D---- C:\Windows\Temp
2012-01-24 14:15:39 ----D---- C:\Windows
2012-01-24 14:15:39 ----A---- C:\Windows\system.ini
2012-01-24 14:13:48 ----A---- C:\Windows\SysWOW64\log.txt
2012-01-24 14:11:53 ----RD---- C:\Program Files (x86)
2012-01-24 14:11:53 ----D---- C:\ProgramData
2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64\drivers
2012-01-24 14:08:00 ----D---- C:\Windows\SysWOW64
2012-01-24 14:08:00 ----D---- C:\Windows\System32
2012-01-24 14:08:00 ----D---- C:\Windows\AppPatch
2012-01-24 14:07:56 ----D---- C:\Program Files (x86)\Common Files
2012-01-24 12:51:27 ----SHD---- C:\System Volume Information
2012-01-23 20:45:56 ----D---- C:\Windows\inf
2012-01-23 00:21:25 ----SD---- C:\ProgramData\Microsoft
2012-01-22 21:43:39 ----SHD---- C:\Windows\Installer
2012-01-22 21:43:38 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft
2012-01-22 20:18:34 ----D---- C:\Users\Manuela\AppData\Roaming\Liteon
2012-01-21 15:29:55 ----D---- C:\Windows\Tasks
2012-01-21 15:06:32 ----D---- C:\Windows\twain_32
2012-01-21 15:06:07 ----RD---- C:\Program Files
2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET
2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly
2012-01-21 10:36:44 ----D---- C:\Windows\winsxs
2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX
2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX
2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX
2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google
2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft
2012-01-12 22:02:18 ----D---- C:\Windows\ehome
2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help
2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration
2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
-----------------EOF-----------------
ComboFix 12-01-23.02 - Manuela 24-01-2012 12:53:31.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2447 [GMT 1:00]
Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-24 to 2012-01-24 ))))))))))))))))))))))))))))))
.
.
2012-01-24 12:01 . 2012-01-24 12:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-24 11:51 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ACC7CB0D-8D75-419D-930E-21CBF06D9683}\mpengine.dll
2012-01-22 20:43 . 2012-01-22 20:43 388096 ----a-r- c:\users\Manuela\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-22 15:28 . 2012-01-22 15:28 -------- d-----w- c:\program files (x86)\Conduit
2012-01-22 15:28 . 2012-01-22 15:31 -------- d-----w- c:\users\Manuela\AppData\Local\Conduit
2012-01-21 20:41 . 2012-01-21 20:41 -------- d-----w- C:\rsit
2012-01-21 20:14 . 2012-01-22 20:43 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP
2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP
2012-01-21 14:05 . 2012-01-22 23:17 -------- d-----w- c:\users\Manuela\AppData\Local\HP
2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics
2012-01-14 13:10 . 2012-01-14 13:10 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware
2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc
2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll
2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp
2012-01-13 14:42 . 2012-01-13 14:42 237 ----a-w- C:\user.js
2012-01-13 14:42 . 2012-01-13 14:48 -------- d-----w- c:\program files (x86)\BrowserCompanion
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Local\Babylon
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Roaming\Babylon
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\programdata\Babylon
2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium
2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate
2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp
2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps
2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice
2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-24 04:52 . 2011-12-23 19:39 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-05 05:41 . 2011-12-23 19:40 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-23 19:39 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-23 19:40 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-23 19:39 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-05 03:32 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-05 02:48 . 2011-12-23 19:40 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-22_12.11.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-24 12:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-24 12:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-22 12:09 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-24 12:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-06 23:22 . 2012-01-24 12:04 60240 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-24 12:04 49596 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-12 16:07 . 2012-01-24 12:04 14766 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1300219434-4275829345-324095623-1000_UserData.bin
+ 2010-11-16 23:48 . 2010-11-16 23:48 42344 c:\windows\system32\spool\drivers\x64\3\hpvplui04.dll
+ 2009-07-14 05:30 . 2012-01-23 19:46 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-01-21 14:06 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 00:35 . 2009-07-14 00:35 41984 c:\windows\system32\drivers\usbscan.sys
+ 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-13 06:58 . 2012-01-21 09:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-13 06:58 . 2012-01-22 23:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-22 23:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-21 09:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-22 23:21 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-22 23:21 . 2012-01-24 11:47 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-01-22 23:21 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-12 16:09 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-12 16:09 . 2012-01-24 11:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-22 23:20 . 2012-01-22 23:20 9560 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_48.bin
+ 2012-01-22 23:20 . 2012-01-22 23:20 4280 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_32.bin
+ 2012-01-22 23:20 . 2012-01-22 23:20 2456 c:\windows\system32\NetworkList\Icons\{5C720705-9974-4E99-9DC4-181213C7B520}_24.bin
- 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-24 12:02 . 2012-01-24 12:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-24 12:02 . 2012-01-24 12:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-12 16:44 . 2012-01-23 19:06 234418 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2010-11-16 23:48 . 2010-11-16 23:48 220520 c:\windows\system32\spool\drivers\x64\3\hpvplres04.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 538472 c:\windows\system32\spool\drivers\x64\3\hpvpldrv04.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\spool\drivers\x64\3\hpinksts8711LM.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 306024 c:\windows\system32\spool\drivers\x64\3\hpinksts8711.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 518504 c:\windows\system32\spool\drivers\x64\3\hpfime51.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 349032 c:\windows\system32\hpinksts8711LM.dll
+ 2010-11-16 23:48 . 2010-11-16 23:48 274792 c:\windows\system32\hpinkcoi8711.dll
+ 2009-07-14 05:30 . 2012-01-23 19:46 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-01-21 14:06 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2012-01-22 23:21 . 2012-01-22 23:21 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-01-22 12:08 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-24 12:01 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-16 23:48 . 2010-11-16 23:48 2591080 c:\windows\system32\HPScanMiniDrv_DJ2050_510g.dll
+ 2012-01-22 20:42 . 2012-01-22 20:42 1402880 c:\windows\Installer\512acb.msi
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Browser companion helper"="c:\program files (x86)\BrowserCompanion\BCHelper.exe" [2011-12-16 187696]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-24 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29]
.
2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101241&mntrId=a43664880000000000005cac4c691c22
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-WinRAR archiver - c:\program files (x86)\WinRAR\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-01-24 13:15:00 - machine werd herstart
ComboFix-quarantined-files.txt 2012-01-24 12:14
ComboFix2.txt 2012-01-22 14:27
ComboFix3.txt 2012-01-22 12:23
.
Pre-Run: 436.154.814.464 bytes beschikbaar
Post-Run: 435.983.556.608 bytes beschikbaar
.
- - End Of File - - E7F9A8D95E3184525A1CFC1B5E1DA97B
-
Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 1/23/2012 10:10:51 PM
Scaninstellingen:
Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan
Scan gestart: 1/23/2012 10:11:22 PM
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605606313 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605611157 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605611882 Ontdekt: Trace.TrackingCookie.m.webtrends.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605615261 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617580 Ontdekt: Trace.TrackingCookie.ad.zanox.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617593 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617594 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617595 Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617833 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617834 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618652 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618653 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605621497 Ontdekt: Trace.TrackingCookie.www.ndparking.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623364 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623421 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623433 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605623508 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605624202 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605629116 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630152 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630162 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630163 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630550 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630595 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630596 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630597 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630600 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605632611 Ontdekt: Trace.TrackingCookie.ilead.itrack.it!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605633499 Ontdekt: Trace.TrackingCookie.adserv!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605635306 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605635312 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605640607 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641780 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641787 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641814 Ontdekt: Trace.TrackingCookie.d1.openx.org!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641815 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641839 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641881 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641946 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641976 Ontdekt: Trace.TrackingCookie.www.ndparking.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605641977 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605642003 Ontdekt: Trace.TrackingCookie.cms!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605643738 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644750 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644785 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644798 Ontdekt: Trace.TrackingCookie.statse.webtrendslive!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644855 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605644873 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605645593 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647738 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647739 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605647978 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656051 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656078 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656079 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605656215 Ontdekt: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Program Files (x86)\WinRAR\Uninstall.exe Ontdekt: Backdoor.Win32.Hupigon!IK
C:\Users\Manuela\Downloads\wrar410nl.exe/Uninstall.exe Ontdekt: Backdoor.Win32.Hupigon!IK
Gescand
Bestanden: 287672
Sporen: 404020
Cookies: 3195
Processen: 79
Gevonden
Bestanden: 2
Sporen: 0
Cookies: 198
Processen: 0
Registersleutels: 0
Scan Geëindigd: 1/24/2012 12:31:31 AM
Scantijd: 2:20:09
C:\Program Files (x86)\WinRAR\Uninstall.exe Verwijderd Backdoor.Win32.Hupigon!IK
C:\Users\Manuela\Downloads\wrar410nl.exe/Uninstall.exe Verwijderd Backdoor.Win32.Hupigon!IK
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543538424000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302543538424001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556574283000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556621652000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1302556644363000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303678972735000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303678972735001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303727816637000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303727816637001 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1303854674600000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304078376983000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1304366225997000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305484512814000 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580149 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605580150 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605596382 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617833 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605617834 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618652 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605618653 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630162 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\ujovurkn.default\cookies.sqlite:1305637605630163 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@tradedoubler[2].txt Verwijderd Trace.TrackingCookie.tradedoubler!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@statcounter[1].txt Verwijderd Trace.TrackingCookie.statcounter!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@specificclick[1].txt Verwijderd Trace.TrackingCookie.specificclick!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@mediaplex[1].txt Verwijderd Trace.TrackingCookie.mediaplex!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@fastclick[1].txt Verwijderd Trace.TrackingCookie.fastclick!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@adviva[1].txt Verwijderd Trace.TrackingCookie.adviva!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@2o7[1].txt Verwijderd Trace.TrackingCookie.2o7!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@serving-sys[2].txt Verwijderd Trace.TrackingCookie.serving-sys!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@serving-sys[2].txt Verwijderd Trace.TrackingCookie.serving-sys!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@doubleclick[1].txt Verwijderd Trace.TrackingCookie.doubleclick!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@doubleclick[2].txt Verwijderd Trace.TrackingCookie.doubleclick!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\manuela@bs.serving-sys[1].txt Verwijderd Trace.TrackingCookie.bs.serving-sys!A2
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Cookies\Low\manuela@bs.serving-sys[1].txt Verwijderd Trace.TrackingCookie.bs.serving-sys!A2
Verwijderd
Bestanden: 2
Sporen: 0
Cookies: 178
-
12:09:38.0938 4152 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
12:09:39.0110 4152 ============================================================
12:09:39.0110 4152 Current date / time: 2012/01/23 12:09:39.0110
12:09:39.0110 4152 SystemInfo:
12:09:39.0110 4152
12:09:39.0110 4152 OS Version: 6.1.7601 ServicePack: 1.0
12:09:39.0110 4152 Product type: Workstation
12:09:39.0110 4152 ComputerName: MANUELA-PC
12:09:39.0110 4152 UserName: Manuela
12:09:39.0110 4152 Windows directory: C:\Windows
12:09:39.0110 4152 System windows directory: C:\Windows
12:09:39.0110 4152 Running under WOW64
12:09:39.0110 4152 Processor architecture: Intel x64
12:09:39.0110 4152 Number of processors: 2
12:09:39.0110 4152 Page size: 0x1000
12:09:39.0110 4152 Boot type: Normal boot
12:09:39.0110 4152 ============================================================
12:09:39.0796 4152 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:09:39.0827 4152 Initialize success
12:09:41.0809 3792 ============================================================
12:09:41.0809 3792 Scan started
12:09:41.0809 3792 Mode: Manual;
12:09:41.0809 3792 ============================================================
12:09:54.0616 3792 scfilter - ok
12:09:54.0694 3792 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:09:54.0694 3792 secdrv - ok
12:09:54.0726 3792 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:09:54.0726 3792 Serenum - ok
12:09:54.0757 3792 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:09:54.0757 3792 Serial - ok
12:09:54.0835 3792 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:09:54.0850 3792 sermouse - ok
12:09:54.0928 3792 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:09:54.0928 3792 sffdisk - ok
12:09:54.0960 3792 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:09:54.0960 3792 sffp_mmc - ok
12:09:54.0975 3792 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:09:54.0991 3792 sffp_sd - ok
12:09:55.0022 3792 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:09:55.0022 3792 sfloppy - ok
12:09:55.0053 3792 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:09:55.0053 3792 SiSRaid2 - ok
12:09:55.0069 3792 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:09:55.0069 3792 SiSRaid4 - ok
12:09:55.0084 3792 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:09:55.0084 3792 Smb - ok
12:09:55.0116 3792 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:09:55.0116 3792 spldr - ok
12:09:55.0194 3792 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:09:55.0209 3792 srv - ok
12:09:55.0256 3792 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:09:55.0272 3792 srv2 - ok
12:09:55.0318 3792 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:09:55.0318 3792 srvnet - ok
12:09:55.0381 3792 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:09:55.0396 3792 stexstor - ok
12:09:55.0443 3792 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:09:55.0443 3792 swenum - ok
12:09:55.0568 3792 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
12:09:55.0584 3792 Tcpip - ok
12:09:55.0693 3792 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
12:09:55.0708 3792 TCPIP6 - ok
12:09:55.0755 3792 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:09:55.0755 3792 tcpipreg - ok
12:09:55.0802 3792 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:09:55.0802 3792 TDPIPE - ok
12:09:55.0818 3792 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
12:09:55.0818 3792 TDTCP - ok
12:09:55.0880 3792 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:09:55.0880 3792 tdx - ok
12:09:55.0911 3792 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:09:55.0927 3792 TermDD - ok
12:09:56.0036 3792 TFsExDisk - ok
12:09:56.0114 3792 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:09:56.0114 3792 tssecsrv - ok
12:09:56.0176 3792 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:09:56.0176 3792 TsUsbFlt - ok
12:09:56.0239 3792 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:09:56.0239 3792 tunnel - ok
12:09:56.0270 3792 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:09:56.0270 3792 uagp35 - ok
12:09:56.0348 3792 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
12:09:56.0348 3792 UBHelper - ok
12:09:56.0395 3792 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:09:56.0395 3792 udfs - ok
12:09:56.0488 3792 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:09:56.0488 3792 uliagpkx - ok
12:09:56.0535 3792 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
12:09:56.0535 3792 umbus - ok
12:09:56.0566 3792 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:09:56.0566 3792 UmPass - ok
12:09:56.0722 3792 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:09:56.0722 3792 usbccgp - ok
12:09:56.0785 3792 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:09:56.0785 3792 usbcir - ok
12:09:56.0800 3792 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:09:56.0816 3792 usbehci - ok
12:09:56.0878 3792 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:09:56.0878 3792 usbhub - ok
12:09:56.0910 3792 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:09:56.0910 3792 usbohci - ok
12:09:56.0941 3792 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:09:56.0941 3792 usbprint - ok
12:09:56.0972 3792 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:09:56.0988 3792 USBSTOR - ok
12:09:57.0019 3792 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:09:57.0019 3792 usbuhci - ok
12:09:57.0128 3792 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
12:09:57.0128 3792 usbvideo - ok
12:09:57.0222 3792 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:09:57.0222 3792 vdrvroot - ok
12:09:57.0268 3792 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:09:57.0268 3792 vga - ok
12:09:57.0284 3792 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:09:57.0284 3792 VgaSave - ok
12:09:57.0315 3792 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:09:57.0315 3792 vhdmp - ok
12:09:57.0346 3792 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:09:57.0362 3792 viaide - ok
12:09:57.0393 3792 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:09:57.0393 3792 volmgr - ok
12:09:57.0440 3792 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:09:57.0440 3792 volmgrx - ok
12:09:57.0534 3792 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:09:57.0534 3792 volsnap - ok
12:09:57.0580 3792 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:09:57.0580 3792 vsmraid - ok
12:09:57.0596 3792 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:09:57.0596 3792 vwifibus - ok
12:09:57.0612 3792 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:09:57.0612 3792 vwififlt - ok
12:09:57.0627 3792 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:09:57.0627 3792 vwifimp - ok
12:09:57.0658 3792 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:09:57.0658 3792 WacomPen - ok
12:09:57.0705 3792 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:09:57.0705 3792 WANARP - ok
12:09:57.0705 3792 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:09:57.0705 3792 Wanarpv6 - ok
12:09:57.0799 3792 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:09:57.0799 3792 Wd - ok
12:09:57.0830 3792 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:09:57.0830 3792 Wdf01000 - ok
12:09:57.0939 3792 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:09:57.0939 3792 WfpLwf - ok
12:09:57.0955 3792 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:09:57.0955 3792 WIMMount - ok
12:09:58.0126 3792 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:09:58.0126 3792 WinUsb - ok
12:09:58.0189 3792 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:09:58.0189 3792 WmiAcpi - ok
12:09:58.0251 3792 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:09:58.0251 3792 ws2ifsl - ok
12:09:58.0329 3792 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:09:58.0329 3792 WudfPf - ok
12:09:58.0360 3792 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:09:58.0360 3792 WUDFRd - ok
12:09:58.0438 3792 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:09:58.0501 3792 \Device\Harddisk0\DR0 - ok
12:09:58.0501 3792 Boot (0x1200) (d6112fdf5cea1ab7be6c032e4a377fd4) \Device\Harddisk0\DR0\Partition0
12:09:58.0501 3792 \Device\Harddisk0\DR0\Partition0 - ok
12:09:58.0516 3792 Boot (0x1200) (ba513c544e4cc98b5b1b026da215884d) \Device\Harddisk0\DR0\Partition1
12:09:58.0516 3792 \Device\Harddisk0\DR0\Partition1 - ok
12:09:58.0516 3792 ============================================================
12:09:58.0516 3792 Scan finished
12:09:58.0516 3792 ============================================================
12:09:58.0532 2560 Detected object count: 0
12:09:58.0532 2560 Actual detected object count: 0
12:09:59.0359 3796 ============================================================
12:09:59.0359 3796 Scan started
12:09:59.0359 3796 Mode: Manual;
12:09:59.0359 3796 ============================================================
12:09:59.0608 3796 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:09:59.0608 3796 1394ohci - ok
12:09:59.0655 3796 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:09:59.0655 3796 ACPI - ok
12:09:59.0655 3796 Scan interrupted by user!
12:09:59.0655 3796 Scan interrupted by user!
12:09:59.0655 3796 Scan interrupted by user!
12:09:59.0655 3796 ============================================================
12:09:59.0655 3796 Scan finished
12:09:59.0655 3796 ============================================================
12:09:59.0671 4760 Detected object count: 0
12:09:59.0671 4760 Actual detected object count: 0
12:10:02.0962 2396 ============================================================
12:10:02.0962 2396 Scan started
12:10:02.0962 2396 Mode: Manual;
12:10:02.0962 2396 ============================================================
12:10:09.0717 2396 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:10:09.0717 2396 Parport - ok
12:10:09.0764 2396 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:10:09.0764 2396 partmgr - ok
12:10:09.0811 2396 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
12:10:09.0826 2396 pccsmcfd - ok
12:10:09.0873 2396 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:10:09.0873 2396 pci - ok
12:10:09.0920 2396 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:10:09.0920 2396 pciide - ok
12:10:09.0967 2396 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:10:09.0967 2396 pcmcia - ok
12:10:09.0982 2396 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:10:09.0982 2396 pcw - ok
12:10:10.0014 2396 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:10:10.0014 2396 PEAUTH - ok
12:10:10.0107 2396 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:10:10.0107 2396 PptpMiniport - ok
12:10:10.0138 2396 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:10:10.0138 2396 Processor - ok
12:10:10.0185 2396 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:10:10.0201 2396 Psched - ok
12:10:10.0263 2396 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:10:10.0294 2396 ql2300 - ok
12:10:10.0294 2396 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:10:10.0310 2396 ql40xx - ok
12:10:10.0326 2396 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:10:10.0326 2396 QWAVEdrv - ok
12:10:10.0341 2396 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:10:10.0341 2396 RasAcd - ok
12:10:10.0372 2396 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:10:10.0372 2396 RasAgileVpn - ok
12:10:10.0419 2396 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:10:10.0419 2396 Rasl2tp - ok
12:10:10.0450 2396 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:10:10.0450 2396 RasPppoe - ok
12:10:10.0466 2396 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:10:10.0466 2396 RasSstp - ok
12:10:10.0513 2396 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:10:10.0513 2396 rdbss - ok
12:10:10.0560 2396 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:10:10.0560 2396 rdpbus - ok
12:10:10.0575 2396 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:10:10.0575 2396 RDPCDD - ok
12:10:10.0591 2396 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:10:10.0591 2396 RDPENCDD - ok
12:10:10.0606 2396 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:10:10.0606 2396 RDPREFMP - ok
12:10:10.0653 2396 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
12:10:10.0653 2396 RDPWD - ok
12:10:10.0700 2396 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:10:10.0700 2396 rdyboost - ok
12:10:10.0762 2396 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:10:10.0762 2396 rspndr - ok
12:10:10.0794 2396 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:10:10.0794 2396 sbp2port - ok
12:10:10.0825 2396 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:10:10.0840 2396 scfilter - ok
12:10:10.0872 2396 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:10:10.0872 2396 secdrv - ok
12:10:10.0903 2396 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:10:10.0903 2396 Serenum - ok
12:10:10.0918 2396 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:10:10.0918 2396 Serial - ok
12:10:10.0965 2396 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:10:10.0965 2396 sermouse - ok
12:10:11.0028 2396 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:10:11.0028 2396 sffdisk - ok
12:10:11.0059 2396 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:10:11.0059 2396 sffp_mmc - ok
12:10:11.0074 2396 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:10:11.0090 2396 sffp_sd - ok
12:10:11.0121 2396 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:10:11.0121 2396 sfloppy - ok
12:10:11.0137 2396 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:10:11.0152 2396 SiSRaid2 - ok
12:10:11.0152 2396 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:10:11.0168 2396 SiSRaid4 - ok
12:10:11.0168 2396 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:10:11.0184 2396 Smb - ok
12:10:11.0199 2396 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:10:11.0199 2396 spldr - ok
12:10:11.0277 2396 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:10:11.0277 2396 srv - ok
12:10:11.0340 2396 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:10:11.0340 2396 srv2 - ok
12:10:11.0371 2396 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:10:11.0371 2396 srvnet - ok
12:10:11.0418 2396 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:10:11.0418 2396 stexstor - ok
12:10:11.0480 2396 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:10:11.0480 2396 swenum - ok
12:10:11.0589 2396 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
12:10:11.0605 2396 Tcpip - ok
12:10:11.0683 2396 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
12:10:11.0714 2396 TCPIP6 - ok
12:10:11.0761 2396 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:10:11.0761 2396 tcpipreg - ok
12:10:11.0792 2396 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:10:11.0792 2396 TDPIPE - ok
12:10:11.0808 2396 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
12:10:11.0808 2396 TDTCP - ok
12:10:11.0870 2396 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:10:11.0870 2396 tdx - ok
12:10:11.0917 2396 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:10:11.0917 2396 TermDD - ok
12:10:11.0932 2396 TFsExDisk - ok
12:10:12.0010 2396 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:10:12.0010 2396 tssecsrv - ok
12:10:12.0042 2396 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:10:12.0057 2396 TsUsbFlt - ok
12:10:12.0088 2396 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:10:12.0088 2396 tunnel - ok
12:10:12.0135 2396 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:10:12.0135 2396 uagp35 - ok
12:10:12.0166 2396 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
12:10:12.0166 2396 UBHelper - ok
12:10:12.0213 2396 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:10:12.0213 2396 udfs - ok
12:10:12.0276 2396 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:10:12.0276 2396 uliagpkx - ok
12:10:12.0322 2396 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
12:10:12.0322 2396 umbus - ok
12:10:12.0354 2396 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:10:12.0354 2396 UmPass - ok
12:10:12.0400 2396 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:10:12.0400 2396 usbccgp - ok
12:10:12.0447 2396 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:10:12.0447 2396 usbcir - ok
12:10:12.0478 2396 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:10:12.0478 2396 usbehci - ok
12:10:12.0541 2396 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:10:12.0541 2396 usbhub - ok
12:10:12.0572 2396 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:10:12.0572 2396 usbohci - ok
12:10:12.0603 2396 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:10:12.0603 2396 usbprint - ok
12:10:12.0650 2396 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:10:12.0650 2396 USBSTOR - ok
12:10:12.0681 2396 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:10:12.0681 2396 usbuhci - ok
12:10:12.0728 2396 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
12:10:12.0728 2396 usbvideo - ok
12:10:12.0775 2396 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:10:12.0775 2396 vdrvroot - ok
12:10:12.0822 2396 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:10:12.0822 2396 vga - ok
12:10:12.0837 2396 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:10:12.0837 2396 VgaSave - ok
12:10:12.0868 2396 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:10:12.0884 2396 vhdmp - ok
12:10:12.0915 2396 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:10:12.0915 2396 viaide - ok
12:10:12.0946 2396 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:10:12.0946 2396 volmgr - ok
12:10:12.0993 2396 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:10:12.0993 2396 volmgrx - ok
12:10:13.0040 2396 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:10:13.0040 2396 volsnap - ok
12:10:13.0071 2396 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:10:13.0071 2396 vsmraid - ok
12:10:13.0087 2396 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:10:13.0102 2396 vwifibus - ok
12:10:13.0118 2396 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:10:13.0118 2396 vwififlt - ok
12:10:13.0134 2396 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:10:13.0134 2396 vwifimp - ok
12:10:13.0149 2396 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:10:13.0149 2396 WacomPen - ok
12:10:13.0180 2396 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:10:13.0196 2396 WANARP - ok
12:10:13.0196 2396 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:10:13.0196 2396 Wanarpv6 - ok
12:10:13.0227 2396 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:10:13.0227 2396 Wd - ok
12:10:13.0258 2396 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:10:13.0258 2396 Wdf01000 - ok
12:10:13.0290 2396 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:10:13.0290 2396 WfpLwf - ok
12:10:13.0305 2396 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:10:13.0305 2396 WIMMount - ok
12:10:13.0368 2396 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:10:13.0368 2396 WinUsb - ok
12:10:13.0414 2396 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:10:13.0414 2396 WmiAcpi - ok
12:10:13.0477 2396 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:10:13.0477 2396 ws2ifsl - ok
12:10:13.0539 2396 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:10:13.0539 2396 WudfPf - ok
12:10:13.0555 2396 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:10:13.0555 2396 WUDFRd - ok
12:10:13.0602 2396 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:10:13.0664 2396 \Device\Harddisk0\DR0 - ok
12:10:13.0664 2396 Boot (0x1200) (d6112fdf5cea1ab7be6c032e4a377fd4) \Device\Harddisk0\DR0\Partition0
12:10:13.0664 2396 \Device\Harddisk0\DR0\Partition0 - ok
12:10:13.0680 2396 Boot (0x1200) (ba513c544e4cc98b5b1b026da215884d) \Device\Harddisk0\DR0\Partition1
12:10:13.0680 2396 \Device\Harddisk0\DR0\Partition1 - ok
12:10:13.0680 2396 ============================================================
12:10:13.0680 2396 Scan finished
12:10:13.0680 2396 ============================================================
12:10:13.0695 4164 Detected object count: 0
12:10:13.0695 4164 Actual detected object count: 0
-
I get the same error message when I try to make a hijack log,
like the screenshot I posted here
-
I have now removed all the programs and logs
so shall we start from 0??
-
you can't be serious
can I also just reset my laptop completely??
-
this is Combofix.txt
ComboFix 12-01-21.02 - Manuela 22-01-2012 14:31:52.2.2 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2605 [GMT 1:00]
Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 ))))))))))))))))))))))))))))))
.
.
2012-01-22 13:39 . 2012-01-22 13:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-21 20:41 . 2012-01-21 20:41 -------- d-----w- C:\rsit
2012-01-21 20:14 . 2012-01-21 20:41 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-21 20:14 . 2012-01-21 20:14 388096 ----a-r- c:\users\Manuela\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-21 14:34 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\MSN Toolbar
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP
2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP
2012-01-21 14:05 . 2012-01-21 14:05 -------- d-----w- c:\users\Manuela\AppData\Local\HP
2012-01-20 18:19 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4096987-0472-4514-A490-B47187953B58}\mpengine.dll
2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics
2012-01-14 13:10 . 2012-01-14 13:10 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware
2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc
2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll
2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp
2012-01-13 14:42 . 2012-01-13 14:42 237 ----a-w- C:\user.js
2012-01-13 14:42 . 2012-01-13 14:48 -------- d-----w- c:\program files (x86)\BrowserCompanion
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Local\Babylon
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Roaming\Babylon
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\programdata\Babylon
2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium
2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate
2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp
2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps
2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice
2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-12-23 19:41 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-23 19:39 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-23 19:39 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-23 19:39 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-23 19:39 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-23 19:39 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-22_12.11.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-22 13:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-22 13:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-22 12:09 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-22 12:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-22 13:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-12 16:09 . 2012-01-22 14:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-12 16:09 . 2012-01-22 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-12 16:09 . 2012-01-22 14:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-22 13:40 . 2012-01-22 13:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-22 12:09 . 2012-01-22 12:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-22 13:40 . 2012-01-22 13:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-12 16:44 . 2012-01-22 14:19 232744 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2012-01-22 13:40 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-01-22 12:08 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Browser companion helper"="c:\program files (x86)\BrowserCompanion\BCHelper.exe" [2011-12-16 187696]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-22 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29]
.
2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101241&mntrId=a43664880000000000005cac4c691c22
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
.
**************************************************************************
.
Voltooingstijd: 2012-01-22 15:27:19 - machine werd herstart
ComboFix-quarantined-files.txt 2012-01-22 14:27
ComboFix2.txt 2012-01-22 12:23
.
Pre-Run: 435.269.664.768 bytes beschikbaar
Post-Run: 434.957.684.736 bytes beschikbaar
.
- - End Of File - - 9B9142C95897DA7AB7C4A08A0073A7E3
This is a new log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Manuela at 2012-01-22 15:33:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 415 GB (90%) free of 463 GB
Total RAM: 3956 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:33:47, on 22-1-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\Manuela\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Manuela.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10957 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
C:\Windows\tasks\HP Photo Creations Communicator.job
C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Browser companion helper"=C:\Program Files (x86)\BrowserCompanion\BCHelper.exe [2011-12-16 187696]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2010-11-20 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-22 15:29:07 ----SHD---- C:\$RECYCLE.BIN
2012-01-22 15:27:22 ----A---- C:\ComboFix.txt
2012-01-22 12:57:11 ----A---- C:\Windows\zip.exe
2012-01-22 12:57:11 ----A---- C:\Windows\SWSC.exe
2012-01-22 12:57:11 ----A---- C:\Windows\SWREG.exe
2012-01-22 12:57:11 ----A---- C:\Windows\sed.exe
2012-01-22 12:57:11 ----A---- C:\Windows\PEV.exe
2012-01-22 12:57:11 ----A---- C:\Windows\NIRCMD.exe
2012-01-22 12:57:11 ----A---- C:\Windows\MBR.exe
2012-01-22 12:57:11 ----A---- C:\Windows\grep.exe
2012-01-22 12:57:02 ----D---- C:\Windows\ERDNT
2012-01-22 12:56:56 ----D---- C:\Qoobox
2012-01-21 21:41:39 ----D---- C:\rsit
2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes
2012-01-21 15:34:47 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-21 15:07:34 ----D---- C:\Program Files (x86)\MSN Toolbar
2012-01-21 15:07:25 ----D---- C:\Program Files (x86)\Bing Bar Installer
2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations
2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations
2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 15:06:55 ----D---- C:\ProgramData\HP
2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP
2012-01-14 14:10:36 ----D---- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp
2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx
2012-01-13 15:42:06 ----A---- C:\user.js
2012-01-13 15:42:00 ----D---- C:\Program Files (x86)\BrowserCompanion
2012-01-13 15:41:57 ----D---- C:\Users\Manuela\AppData\Roaming\Babylon
2012-01-13 15:41:57 ----D---- C:\ProgramData\Babylon
2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium
2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate
2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp
2012-01-12 21:25:50 ----D---- C:\ProgramData\hps
2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll
2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll
2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-12-23 20:40:48 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-12-23 20:40:46 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-12-23 20:40:42 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-12-23 20:40:39 ----A---- C:\Windows\SysWOW64\url.dll
2011-12-23 20:39:17 ----A---- C:\Windows\SysWOW64\EncDec.dll
2011-12-23 20:39:12 ----A---- C:\Windows\SysWOW64\tzres.dll
======List of files/folders modified in the last 1 month======
2012-01-22 15:31:39 ----D---- C:\Windows\Temp
2012-01-22 15:30:47 ----A---- C:\Windows\SysWOW64\log.txt
2012-01-22 15:20:13 ----D---- C:\Windows
2012-01-22 15:20:13 ----A---- C:\Windows\system.ini
2012-01-22 14:35:50 ----D---- C:\Windows\SysWOW64\drivers
2012-01-22 14:35:50 ----D---- C:\Windows\SysWOW64
2012-01-22 14:35:50 ----D---- C:\Windows\System32
2012-01-22 14:35:50 ----D---- C:\Windows\AppPatch
2012-01-22 14:35:46 ----D---- C:\Program Files (x86)\Common Files
2012-01-22 13:07:45 ----D---- C:\ProgramData
2012-01-21 21:14:02 ----SHD---- C:\Windows\Installer
2012-01-21 21:14:01 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft
2012-01-21 21:14:01 ----RD---- C:\Program Files (x86)
2012-01-21 20:54:31 ----SHD---- C:\System Volume Information
2012-01-21 15:29:55 ----D---- C:\Windows\Tasks
2012-01-21 15:06:49 ----D---- C:\Windows\inf
2012-01-21 15:06:32 ----D---- C:\Windows\twain_32
2012-01-21 15:06:07 ----RD---- C:\Program Files
2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET
2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly
2012-01-21 10:36:44 ----D---- C:\Windows\winsxs
2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX
2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX
2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX
2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google
2012-01-13 15:46:44 ----SD---- C:\ProgramData\Microsoft
2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft
2012-01-12 22:02:18 ----D---- C:\Windows\ehome
2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help
2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration
2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US
2011-12-24 01:26:59 ----D---- C:\Program Files (x86)\PokerStars
2011-12-24 00:54:07 ----D---- C:\Program Files (x86)\Common Files\Steam
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
-----------------EOF-----------------
-
ComboFix 12-01-21.02 - Manuela 22-01-2012 12:59:17.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3956.2421 [GMT 1:00]
Gestart vanuit: c:\users\Manuela\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 ))))))))))))))))))))))))))))))
.
.
2012-01-22 12:08 . 2012-01-22 12:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-21 20:41 . 2012-01-21 20:41 -------- d-----w- C:\rsit
2012-01-21 20:14 . 2012-01-21 20:41 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-21 20:14 . 2012-01-21 20:14 388096 ----a-r- c:\users\Manuela\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\programdata\Malwarebytes
2012-01-21 14:34 . 2012-01-21 14:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-21 14:34 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\MSN Toolbar
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\programdata\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:29 -------- d-----w- c:\program files (x86)\HP Photo Creations
2012-01-21 14:07 . 2012-01-21 14:07 -------- d-----w- c:\users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\programdata\HP
2012-01-21 14:06 . 2012-01-21 14:07 -------- d-----w- c:\program files (x86)\HP
2012-01-21 14:06 . 2012-01-21 14:06 -------- d-----w- c:\program files\HP
2012-01-21 14:05 . 2012-01-21 14:05 -------- d-----w- c:\users\Manuela\AppData\Local\HP
2012-01-20 18:19 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4096987-0472-4514-A490-B47187953B58}\mpengine.dll
2012-01-14 13:13 . 2012-01-14 13:13 -------- d-----w- c:\users\Manuela\AppData\Local\ElevatedDiagnostics
2012-01-14 13:10 . 2012-01-14 13:10 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-01-14 13:07 . 2012-01-14 13:07 -------- d-----w- c:\users\Manuela\AppData\Local\PackageAware
2012-01-13 16:42 . 2012-01-13 16:42 -------- d-----w- c:\users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Manuela\AppData\Local\Electronic_Arts_Inc
2012-01-13 15:54 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll
2012-01-13 15:49 . 2012-01-13 15:53 -------- d--h--w- c:\windows\msdownld.tmp
2012-01-13 14:42 . 2012-01-13 14:42 237 ----a-w- C:\user.js
2012-01-13 14:42 . 2012-01-13 14:48 -------- d-----w- c:\program files (x86)\BrowserCompanion
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Local\Babylon
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\users\Manuela\AppData\Roaming\Babylon
2012-01-13 14:41 . 2012-01-13 14:41 -------- d-----w- c:\programdata\Babylon
2012-01-13 14:39 . 2012-01-13 14:39 -------- d-----w- c:\programdata\Premium
2012-01-13 14:38 . 2012-01-13 14:39 -------- d-----w- c:\programdata\InstallMate
2012-01-12 20:25 . 2012-01-14 12:10 -------- d-----w- c:\programdata\tmp
2012-01-12 20:25 . 2012-01-12 20:25 -------- d-----w- c:\programdata\hps
2012-01-12 20:20 . 2012-01-20 22:20 -------- d-----w- c:\program files (x86)\Fotoservice
2012-01-12 19:18 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-12 19:18 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-12 19:18 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-12 19:18 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-12 19:18 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-12 19:18 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-12 19:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-12 19:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-12-23 19:41 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-23 19:39 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-23 19:39 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-23 19:39 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-23 19:39 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-23 19:39 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-03-30 20:09 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-03-30 20:09 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-03-30 19:51 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-07-09 11:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-03-30 20:09 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-03-30 20:09 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-03-30 20:09 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-03-30 20:09 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-03-30 20:09 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-15 13:29 . 2011-02-24 20:18 270720 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-07-08 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Browser companion helper"="c:\program files (x86)\BrowserCompanion\BCHelper.exe" [2011-12-16 187696]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
- c:\users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 20:12]
.
2012-01-22 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2012-01-21 14:29]
.
2012-01-21 c:\windows\Tasks\hpwebreg_xxxxxxxxxx.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16 20:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101241&mntrId=a43664880000000000005cac4c691c22
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_7741&r=27360211j306l04e8z1k5t4711p893
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
Toolbar-Locked - (no file)
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{3E29EE6C-963A-4aae-86C1-DC237C4A49FC} - c:\program files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
.
**************************************************************************
.
Voltooingstijd: 2012-01-22 13:23:09 - machine werd herstart
ComboFix-quarantined-files.txt 2012-01-22 12:23
.
Pre-Run: 435.029.532.672 bytes beschikbaar
Post-Run: 435.219.738.624 bytes beschikbaar
.
- - End Of File - - 21C5C13E0F883D8C4B9CA22096AA9153
-
this is the log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Manuela at 2012-01-21 21:41:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 414 GB (89%) free of 463 GB
Total RAM: 3956 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:41:44, on 21-1-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Users\Manuela\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Manuela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12297 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1300219434-4275829345-324095623-1000UA.job
C:\Windows\tasks\HP Photo Creations Communicator.job
C:\Windows\tasks\hpwebreg_xxxxxxxxxx.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24 612616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Browser companion helper"=C:\Program Files (x86)\BrowserCompanion\BCHelper.exe [2011-12-16 187696]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2011-04-10 3872080]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-07-08 102400]
"Google Update"=C:\Users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-08 136176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-01-21 21:41:39 ----D---- C:\rsit
2012-01-21 21:14:01 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-21 15:34:54 ----D---- C:\Users\Manuela\AppData\Roaming\Malwarebytes
2012-01-21 15:34:49 ----D---- C:\ProgramData\Malwarebytes
2012-01-21 15:34:47 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-21 15:07:34 ----D---- C:\Program Files (x86)\MSN Toolbar
2012-01-21 15:07:25 ----D---- C:\Program Files (x86)\Bing Bar Installer
2012-01-21 15:07:22 ----D---- C:\ProgramData\HP Photo Creations
2012-01-21 15:07:22 ----D---- C:\Program Files (x86)\HP Photo Creations
2012-01-21 15:07:10 ----D---- C:\Users\Manuela\AppData\Roaming\HpUpdate
2012-01-21 15:06:55 ----D---- C:\ProgramData\HP
2012-01-21 15:06:32 ----D---- C:\Program Files (x86)\HP
2012-01-14 14:10:36 ----D---- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-01-13 17:42:40 ----D---- C:\Users\Manuela\AppData\Roaming\Need for Speed World
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2012-01-13 16:55:44 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-01-13 16:55:43 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2012-01-13 16:55:42 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2012-01-13 16:55:41 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2012-01-13 16:55:40 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2012-01-13 16:55:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2012-01-13 16:55:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-01-13 16:55:37 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2012-01-13 16:55:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2012-01-13 16:55:31 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2012-01-13 16:55:30 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-01-13 16:55:28 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-01-13 16:55:26 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-01-13 16:55:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2012-01-13 16:55:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-01-13 16:55:22 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-01-13 16:55:21 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-01-13 16:55:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-01-13 16:55:19 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2012-01-13 16:55:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-01-13 16:55:17 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-01-13 16:55:16 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-01-13 16:55:15 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-01-13 16:55:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-01-13 16:55:13 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-01-13 16:55:12 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-01-13 16:55:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-01-13 16:55:10 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-01-13 16:55:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-01-13 16:55:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-01-13 16:55:07 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-01-13 16:55:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-01-13 16:55:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-01-13 16:55:03 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-01-13 16:55:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2012-01-13 16:55:01 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-01-13 16:55:00 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-01-13 16:54:59 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-01-13 16:54:58 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-01-13 16:54:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-01-13 16:54:55 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-01-13 16:54:54 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-01-13 16:54:53 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2012-01-13 16:54:52 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2012-01-13 16:54:42 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-01-13 16:54:38 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2012-01-13 16:54:37 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-01-13 16:54:36 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-01-13 16:54:34 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-01-13 16:54:33 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-01-13 16:54:32 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-01-13 16:54:31 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-01-13 16:49:04 ----HD---- C:\Windows\msdownld.tmp
2012-01-13 16:49:04 ----D---- C:\Windows\SysWOW64\directx
2012-01-13 15:42:06 ----A---- C:\user.js
2012-01-13 15:42:00 ----D---- C:\Program Files (x86)\BrowserCompanion
2012-01-13 15:41:57 ----D---- C:\Users\Manuela\AppData\Roaming\Babylon
2012-01-13 15:41:57 ----D---- C:\ProgramData\Babylon
2012-01-13 15:39:00 ----D---- C:\ProgramData\Premium
2012-01-13 15:38:58 ----D---- C:\ProgramData\InstallMate
2012-01-12 21:25:51 ----D---- C:\ProgramData\tmp
2012-01-12 21:25:50 ----D---- C:\ProgramData\hps
2012-01-12 21:20:55 ----D---- C:\Program Files (x86)\Fotoservice
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\quartz.dll
2012-01-12 20:18:55 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-01-12 20:18:52 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-01-12 20:18:50 ----A---- C:\Windows\SysWOW64\ntdll.dll
2012-01-12 20:18:48 ----A---- C:\Windows\SysWOW64\packager.dll
2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-12-23 20:40:50 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-12-23 20:40:48 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-12-23 20:40:46 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-12-23 20:40:42 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-12-23 20:40:41 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-12-23 20:40:40 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-12-23 20:40:39 ----A---- C:\Windows\SysWOW64\url.dll
2011-12-23 20:39:17 ----A---- C:\Windows\SysWOW64\EncDec.dll
2011-12-23 20:39:12 ----A---- C:\Windows\SysWOW64\tzres.dll
======List of files/folders modified in the last 1 month======
2012-01-21 21:41:43 ----D---- C:\Windows\Temp
2012-01-21 21:14:02 ----SHD---- C:\Windows\Installer
2012-01-21 21:14:01 ----SD---- C:\Users\Manuela\AppData\Roaming\Microsoft
2012-01-21 21:14:01 ----RD---- C:\Program Files (x86)
2012-01-21 20:54:31 ----SHD---- C:\System Volume Information
2012-01-21 17:40:13 ----A---- C:\Windows\SysWOW64\log.txt
2012-01-21 15:34:49 ----HD---- C:\ProgramData
2012-01-21 15:29:55 ----D---- C:\Windows\Tasks
2012-01-21 15:06:49 ----D---- C:\Windows\inf
2012-01-21 15:06:32 ----D---- C:\Windows\twain_32
2012-01-21 15:06:07 ----RD---- C:\Program Files
2012-01-21 12:01:16 ----D---- C:\Windows\Microsoft.NET
2012-01-21 12:01:14 ----RSD---- C:\Windows\assembly
2012-01-21 10:36:44 ----D---- C:\Windows\winsxs
2012-01-21 02:47:11 ----D---- C:\ProgramData\DivX
2012-01-21 02:47:11 ----D---- C:\Program Files (x86)\Common Files
2012-01-21 02:47:05 ----D---- C:\Program Files (x86)\DivX
2012-01-21 02:47:00 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-01-21 02:46:53 ----D---- C:\Windows\SysWOW64
2012-01-21 02:44:58 ----D---- C:\Users\Manuela\AppData\Roaming\DivX
2012-01-13 16:55:44 ----D---- C:\Windows\System32
2012-01-13 16:49:04 ----D---- C:\Windows
2012-01-13 15:47:12 ----D---- C:\Program Files (x86)\Google
2012-01-13 15:46:44 ----SD---- C:\ProgramData\Microsoft
2012-01-13 15:46:44 ----D---- C:\Program Files (x86)\Microsoft
2012-01-13 15:31:29 ----D---- C:\Windows\SysWOW64\drivers
2012-01-12 22:02:18 ----D---- C:\Windows\ehome
2012-01-12 21:54:15 ----D---- C:\ProgramData\Microsoft Help
2011-12-29 21:47:19 ----D---- C:\Windows\SysWOW64\migration
2011-12-29 21:47:19 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\nl-NL
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\fr-FR
2011-12-29 21:37:56 ----D---- C:\Windows\SysWOW64\en-US
2011-12-24 01:26:59 ----D---- C:\Program Files (x86)\PokerStars
2011-12-24 00:54:07 ----D---- C:\Program Files (x86)\Common Files\Steam
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-07-08 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
-----------------EOF-----------------
This is info
info.txt logfile of random's system information tool 1.09 2012-01-21 21:41:46
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files (x86)\InstallShield Installation Information\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\setup.exe" -runfromtemp -l0x0413 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
Acer Crystal Eye webcam-->MsiExec.exe /I{51F026FA-5146-4232-A8BA-1364740BD053}
Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x413 -removeonly
Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x413 -removeonly
Acer GameZone Console-->"C:\Program Files (x86)\Acer GameZone\GameConsole\unins000.exe"
Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe
Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe
Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x413 -removeonly
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe -maintain plugin
Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}\setup.exe -runfromtemp
Amazonia-->"C:\Program Files (x86)\Acer GameZone\Amazonia\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Amazonia\install.log"
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Backup Manager Basic-->C:\Program Files (x86)\InstallShield Installation Information\{72B776E5-4530-4C4B-9453-751DF87D9D93}\setup.exe -runfromtemp -l0x0409
Bing Bar Platform-->MsiExec.exe /I{623B8278-8CAD-45C1-B844-58B687C07805}
Bing Bar-->C:\Program Files (x86)\Bing Bar Installer\InstallManager.exe /UNINSTALL
Cake Mania-->"C:\Program Files (x86)\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Cake Mania\install.log"
Catalyst Control Center - Branding-->MsiExec.exe /I{4BCBC4D0-1D88-462D-809E-506F34EA11C0}
Chicken Invaders 2-->"C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\install.log"
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\Setup.exe" /z-uninstall
CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\Setup.exe" /z-uninstall
Dairy Dash-->"C:\Program Files (x86)\Acer GameZone\Dairy Dash\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dairy Dash\install.log"
Dream Day First Home-->"C:\Program Files (x86)\Acer GameZone\Dream Day First Home\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dream Day First Home\install.log"
eSobi v2-->C:\Program Files (x86)\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409
Farm Frenzy 2-->"C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log"
Galapago-->"C:\Program Files (x86)\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Galapago\install.log"
Granny In Paradise-->"C:\Program Files (x86)\Acer GameZone\Granny In Paradise\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Granny In Paradise\install.log"
Heroes of Hellas-->"C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\install.log"
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
HP Deskjet 2050 J510 series Haelp-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}
HP Photo Creations-->C:\Program Files (x86)\HP Photo Creations\uninst.exe
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe
Intel® Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall
Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall
Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI
Malwarebytes Anti-Malware versie 1.60.0.1800-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Default Manager-->MsiExec.exe /X{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{928B06E4-DDAA-476A-926A-641620326327}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyWinLocker Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}\setup.exe" -runfromtemp -l0x0413 -removeonly
MyWinLocker Suite-->MsiExec.exe /X{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}
MyWinLocker-->MsiExec.exe /X{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}
NTI Backup Now 5-->C:\Program Files (x86)\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0409
NTI Media Maker 8-->C:\Program Files (x86)\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0409
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Samsung New PC Studio-->"C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0413 -removeonly
Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Groove 2007 (KB2552997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A1CBF7D-4704-40BC-B31C-AA761884A3E4}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}
Spin & Win-->"C:\Program Files (x86)\Acer GameZone\Spin & Win\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Spin & Win\install.log"
Update for 2007 Microsoft Office System (KB2284654)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202}
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48202D27-A6D4-4264-A184-51A6E8AD7C40}
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB2583910)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe
Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live aanmeldhulp-->MsiExec.exe /I{1BD6AE96-4742-4498-9D03-9451C7E5A214}
Windows Live Call-->MsiExec.exe /I{C20C2630-B3A7-44BA-BDD0-31E256AE490E}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}
Windows Live Messenger-->MsiExec.exe /X{CC38A00D-7EED-46CE-9281-D1D97B81F22A}
Windows Live Sync-->MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}
======System event log======
Computer Name: Manuela-PC
Event Code: 62464
Message: UVD Information
Record Number: 70928
Source Name: amdkmdag
Time Written: 20110506141850.066209-000
Event Type: Informatie
User:
Computer Name: Manuela-PC
Event Code: 62464
Message: UVD Information
Record Number: 70927
Source Name: amdkmdag
Time Written: 20110506141850.066209-000
Event Type: Informatie
User:
Computer Name: Manuela-PC
Event Code: 62464
Message: UVD Information
Record Number: 70926
Source Name: amdkmdag
Time Written: 20110506141850.066209-000
Event Type: Informatie
User:
Computer Name: Manuela-PC
Event Code: 62464
Message: UVD Information
Record Number: 70925
Source Name: amdkmdag
Time Written: 20110506141850.066209-000
Event Type: Informatie
User:
Computer Name: Manuela-PC
Event Code: 62464
Message: UVD Information
Record Number: 70924
Source Name: amdkmdag
Time Written: 20110506141850.066209-000
Event Type: Informatie
User:
=====Application event log=====
Computer Name: WIN-AFD5UUK3K8B
Event Code: 6000
Message: De kennisgevingssubscriber van winlogon <SessionEnv> was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken.
Record Number: 288
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100916105401.000000-000
Event Type: Informatie
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 9009
Message: Beheer van bureaubladvensters is afgesloten met code 0x40010004
Record Number: 287
Source Name: Desktop Window Manager
Time Written: 20100916105401.000000-000
Event Type: Informatie
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 1003
Message: De Windows Search-service is gestart.
Record Number: 286
Source Name: Microsoft-Windows-Search
Time Written: 20100916105247.000000-000
Event Type: Informatie
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 1013
Message: De Windows Search-service is normaal gestopt.
Record Number: 285
Source Name: Microsoft-Windows-Search
Time Written: 20100916105246.000000-000
Event Type: Informatie
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 103
Message: Windows (2616) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet.
Record Number: 284
Source Name: ESENT
Time Written: 20100916105246.000000-000
Event Type: Informatie
User:
=====Security event log=====
Computer Name: WIN-AFD5UUK3K8B
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: WIN-AFD5UUK3K8B$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x25c
Naam proces: C:\Windows\System32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 86
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100916105248.596585-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 85
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100916105247.114582-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: WIN-AFD5UUK3K8B$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x25c
Naam proces: C:\Windows\System32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 84
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100916105247.114582-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 4738
Message: Er is een gebruikersaccount gewijzigd.
Onderwerp:
Beveiligings-id: S-1-5-21-1300219434-4275829345-324095623-500
Accountnaam: Administrator
Accountdomein: WIN-AFD5UUK3K8B
Aanmeldings-id: 0x4b1f5
Doelaccount:
Beveiligings-id: S-1-5-21-1300219434-4275829345-324095623-500
Accountnaam: Administrator
Accountdomein: WIN-AFD5UUK3K8B
Gewijzigde kenmerken:
SAM-accountnaam: -
Weergavenaam: -
Principal-naam van gebruiker: -
Basismap: -
Basisstation: -
Pad naar script: -
Pad naar profiel: -
Gebruikerswerkstations: -
Wachtwoord voor het laatst ingesteld: -
Account verloopt op: -
Primaire groeps-id: -
Mag overdragen aan: -
Oude UAC-waarde: 0x211
Nieuwe UAC-waarde: 0x211
Gebruikersaccountbeheer: -
Gebruikersparameters: -
SID-geschiedenis: -
Aantal uren aangemeld: -
Aanvullende gegevens:
Bevoegdheden: -
Record Number: 83
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100916105245.788580-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-AFD5UUK3K8B
Event Code: 1102
Message: Het controlelogboek is gewist.
Onderwerp:
Beveiligings-id: S-1-5-21-1300219434-4275829345-324095623-500
Accountnaam: Administrator
Domeinnaam: WIN-AFD5UUK3K8B
Aanmeldings-id: 0x4b1f5
Record Number: 82
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100916105243.510976-000
Event Type: Controle geslaagd
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\EgisTec MyWinLocker\x86;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\;
-----------------EOF-----------------
-
Really strange, is remote assistance a better solution??
-
That did help somewhat, I no longer get an error message,
but it keeps opening the old log.
-
I did that, but I still get the same error message.
-
This is exactly what the error message says:
Kan het bestand C:\Program Files (x86)\Trend Micro\HijackThis\hijackthus.log niet vinden.
Wilt u een nieuw bestand maken?
Ja Nee Annuleren
-
I get this error message
when I want to save a new log.
-
Hey, thanks, I did exactly what you asked.
If all went well, I have added both logs as attachments to this reply.
-
Or press the Ctrl key and the - key at the same time.
-
Avast also responded right away, great.
-
Hello, this is my HijackThis log, I hope someone can help me xD
Thanks in advance, regards
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:42:38, on 21-1-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Users\Manuela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Manuela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11453 bytes
Hijack log Sqlite3.dll
in Archive: Combating malware & viruses
Thanks a lot, the problem is solved,
but I find that the PC now starts up a bit slowly.
Could that be due to the programs I downloaded??