Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Public comp : iPumper, ADWARE/amonetize.W.6, Malware.Packer.Krunchy &#


  • This topic is locked This topic is locked

#1
Admirgency

Admirgency

    Member

  • Member
  • PipPip
  • 97 posts
Excuse me for opening a new thread while previous isn't solved yet. Obviously this is a diferent computer, one of our Guest-computers. The event today is postponed due to rainy weather therefore i went to work here to check "last weeks" Windows Updates (well, last weeks updates.... not on the other public computer). I will take leave from the project i would normally work on Monday, and i will be working overtime as much as i can this week, to continue working on these 3 computers.

This-one was our safest computer (IF i did my work about right) until a few weeks ago. One of our (not that responsable) employees forgot his BIOS-password and needed to upload password-recovery-software to his Samsung. I thought i could trust him to install Samsung Kies in Owner-account. But he had downloaded more then that. He has searched sites all over the world for the game Roller Coaster Tycoon 2 + a crack key. At least iPumper & Yapkea came with one or more of these downloads.

The iPumper is not the toolbar i see in most questions about it, it is a complete downloadmanager-programme. Ipumper is not visible in Configuration-screen->Software nor in Revo Uninstaller. OTL can see it, as wel as Combofix ľ that is, a version detected last august 21st on Bleepingcomputer under guidance of Gringo_pr.

Today i ran Mbam and, when Avira detected the malware right after Mbam did, i initially decided that i would not remove/fix becouse of the double detections. Avira started scanning every time Mbam found something and Avira could not be stopped with Task Manager. Allas i've clicked a wrong button somewhere in the lagging coused by Mbam and the multiple Avirascans. Mbamlogfile shows it could quaranteine/remove the malware.

OTLExtras (Full scan) shows a lot of AV and Firewalls i did not install and neither did the other employee (intentially). Via ComputerAssociatesAntiVirus and TinyFirewall i tracked that specific list of AV and Firewalls back on Sophos Thread Center to be an effect of Troj/Agent-ABKQ.

Open Candy usually comes bundled with Winamp and can't be declined. Yapkea downloaded with Roller Coaster Tycoon. Malware.Packer.Krunchy is the same as, or is hiding in, Yapkea. Ipumper will have been downloaded with or just before the Bios-password-recoverer, Roller Coaster Tycoon and/or Samsung Kies. Don't know where Babylon, amonetize and & InstallBrain stem from.

The above are detected by Mbam as well as Avira, with the exception of iPumper. As far as i can see iPumper has not been detected for removal by Mbam nor Avira.

Note : Avira uses Ask-search. I did not notice another version of Ask.

Mbam-logfile :
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Databaseversie: v2013.10.13.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Eigenaar :: EIGENAAR-PC [administrator]

13-10-2013 15:00:05
mbam-log-2013-10-13 (15-00-05).txt

Scan type: Volledige scan (C:\|D:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM | P2P
Uitgeschakelde scan opties:
Objecten gescand: 302429
Verstreken tijd: 1 uur/uren, 55 minuut/minuten, 5 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Amonetize.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 1
C:\Documents and Settings\Bezoekers\Application Data\Babylon (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 8
C:\Documents and Settings\Bezoekers\Local Settings\Temp\setup.exe (PUP.Optional.Amonetize.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Bezoekers\Local Settings\Temp\setup__1546.exe (PUP.Optional.Amonetize.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Bezoekers\Local Settings\Temp\setup__1837.exe (PUP.Optional.Amonetize.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Eigenaar\Local Settings\Temporary Internet Files\Content.IE5\A5NU0TK4\stubinst_pkg_en-eu[1].cab (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\RECYCLER\S-1-5-21-1614895754-879983540-1606980848-1003\Dc17.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\RECYCLER\S-1-5-21-1614895754-879983540-1606980848-1006\Dc3.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\RECYCLER\S-1-5-21-1614895754-879983540-1606980848-1006\Dc7\roller coaster tycoon 2\Razor1911\yapkea.exe (Malware.Packer.Krunchy) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Bezoekers\Application Data\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)



OTL.txt (quickscan) :
OTL logfile created on: 13-10-2013 17:55:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eigenaar\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

503,48 Mb Total Physical Memory | 316,77 Mb Available Physical Memory | 62,92% Memory free
1,20 Gb Paging File | 0,56 Gb Available in Paging File | 46,35% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,28 Gb Total Space | 14,28 Gb Free Space | 37,31% Space Free | Partition Type: NTFS
Drive D: | 38,28 Gb Total Space | 38,18 Gb Free Space | 99,74% Space Free | Partition Type: NTFS

Computer Name: EIGENAAR-PC | User Name: Eigenaar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-10-13 17:36:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
PRC - [2013-10-13 13:03:52 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013-09-19 18:50:02 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013-09-19 15:14:24 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013-09-19 15:14:07 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013-09-19 15:14:06 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013-09-19 15:14:02 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013-09-19 15:14:01 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013-08-22 06:39:36 | 000,084,576 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2013-08-14 15:19:56 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013-07-18 05:36:04 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\kiesairmessage.exe
PRC - [2013-04-30 12:03:00 | 001,648,264 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2013-04-23 13:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013-04-23 13:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012-02-15 17:06:07 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013-10-13 13:07:13 | 000,115,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\a632a6ee2d0c2fa63dee385bb7a25f64\DeviceStoryAlbum.ni.dll
MOD - [2013-10-13 13:07:11 | 000,610,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\4526c5f66f4d58cba3b8f6e8b3483c68\DevicePodcast.ni.dll
MOD - [2013-10-13 13:07:08 | 000,295,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\c7a355ff12bdc431ceb4c39e608a25dd\DeviceVideo.ni.dll
MOD - [2013-10-13 13:07:05 | 000,351,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\d4322605567d0ef641d74421a2dc03cb\DevicePhoto.ni.dll
MOD - [2013-10-13 13:07:03 | 000,304,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceMusic\ec2aeec61b291557a7f4323fc14cf1cf\DeviceMusic.ni.dll
MOD - [2013-10-13 13:07:01 | 000,469,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\VideoManager\fef9e0bdc4b01d2470315c86e4d40a3b\VideoManager.ni.dll
MOD - [2013-10-13 13:06:57 | 000,777,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PhotoManager\312a0f8f8fe6c44fbb6f7d3c2a6557f7\PhotoManager.ni.dll
MOD - [2013-10-13 13:06:53 | 001,983,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Phonebook\4a5fb68238e344209d8a0217bd40ba3c\Phonebook.ni.dll
MOD - [2013-10-13 13:06:44 | 000,203,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\e1a87c286c4d99a53c257e35741a688c\StoryAlbumManager.ni.dll
MOD - [2013-10-13 13:06:42 | 000,940,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MusicManager\51c1f02c4240f88e79c131b92c3df2be\MusicManager.ni.dll
MOD - [2013-10-13 13:06:37 | 000,404,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BATPlugin\d4bb8b896d76bf17f292c605335c443e\BATPlugin.ni.dll
MOD - [2013-10-13 13:06:25 | 000,534,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\e81c5fdd0458721e7e60dbe6466f2e55\Kies.Common.MediaDB.ni.dll
MOD - [2013-10-13 13:06:22 | 000,063,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\f689e9242f93f3135698ce84fb9c1b4d\Kies.Common.AllShare.ni.dll
MOD - [2013-10-13 13:06:21 | 000,066,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\943fa57ac751efce3d5155dc0447e2d7\Kies.Common.DBManager.ni.dll
MOD - [2013-10-13 13:06:19 | 001,141,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Podcaster\5e0135eaded46791a24d1631def268e4\Podcaster.ni.dll
MOD - [2013-10-13 13:06:14 | 000,283,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\23d7e3863f30312c864562eac90c2a8b\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013-10-13 13:06:12 | 000,580,096 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2393f816a9726a97672c9132b70d5090\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013-10-13 13:06:09 | 001,205,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bb3d1a08c445d38d97a9074c0a97fd4d\Kies.Common.DeviceService.ni.dll
MOD - [2013-10-13 13:06:03 | 000,995,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\3e604491264f523924f0089a87190472\DeviceCommonLib.ni.dll
MOD - [2013-10-13 13:05:58 | 000,743,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\deb26ac455c68a38a6887e65d6fa7ec9\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013-10-13 13:05:54 | 000,201,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\339553a6d31ea06708f46a95509459cf\Kies.Common.MainUI.ni.dll
MOD - [2013-10-13 13:05:30 | 000,927,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\90769b2989785042f42c58da8125653a\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013-10-13 13:05:19 | 002,202,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\69bc55613395a04121b0f8de5624b585\Kies.Common.Multimedia.ni.dll
MOD - [2013-10-13 13:05:11 | 000,638,976 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\b0071a5f8af6c00d98e0b1cd6963e057\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013-10-13 13:04:52 | 007,027,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceHost\5bbb0dcbc6f994227394a2ddb0ff6c79\DeviceHost.ni.dll
MOD - [2013-10-13 13:04:21 | 000,282,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\051bbc053f10717a6772c1f1a953cf02\Kies.Common.Util.ni.dll
MOD - [2013-10-13 13:04:14 | 001,892,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\2e5b40e22d54b43afc114be55e432841\Kies.UI.ni.dll
MOD - [2013-10-13 13:04:02 | 000,154,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\cfab2e070c415fa349141897f075fb7d\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013-10-13 13:03:58 | 001,273,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Interface\dfe85b87684e535992467c9a26d1bf91\Kies.Interface.ni.dll
MOD - [2013-10-13 13:02:24 | 002,171,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies\fb7da9c93b51b737375aeb2bffdd59fe\Kies.ni.exe
MOD - [2013-10-11 12:25:13 | 018,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013-10-11 12:23:54 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013-10-11 12:22:53 | 003,858,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013-10-11 12:21:54 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013-10-11 12:21:36 | 007,070,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013-09-25 09:38:04 | 017,554,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\e4751f9b36b2c6508c16b10ce5320e22\Kies.Theme.ni.dll
MOD - [2013-09-25 09:38:01 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\2b32fa32c886281edf5660ded3a3ca3c\DummyStorePlugin.ni.dll
MOD - [2013-09-24 14:47:52 | 000,029,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9874d45458a36056c54a0bf82326a62\Kies.Common.StoreManager.ni.dll
MOD - [2013-09-24 14:47:43 | 000,232,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6c2268d21092027249488bb1b5b0b75f\ASF_cSharpAPI.ni.dll
MOD - [2013-09-24 14:47:30 | 000,109,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\d7401875953f4a9073354d6f675bf9bc\Kies.Common.CRMManager.ni.dll
MOD - [2013-09-24 14:47:16 | 000,043,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\f7bd2f216e228003483586f88738ea13\Interop.FUSCryptLib.ni.dll
MOD - [2013-09-24 14:46:59 | 000,189,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\fa231f175f9469261bba3f7a83f791c0\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013-09-24 14:46:54 | 000,175,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\454db849dfc8d375153b9a20d37199f9\Interop.DevFileServiceLib.ni.dll
MOD - [2013-09-24 14:44:38 | 000,045,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a6e94a63e686f47fb77e19d97d5f2045\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013-09-24 14:44:29 | 000,080,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ZipStore\3a2ea444aa16a449759bd64ef15ee047\ZipStore.ni.dll
MOD - [2013-09-24 14:44:28 | 000,032,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\1bacad5614827f888c2c488e0fdb2625\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013-09-24 14:44:27 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\b4494a60ab409d1faffed1dc6e083f61\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013-09-24 14:44:26 | 000,171,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\222d144071a97633b9750cccffaecb8a\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013-09-24 14:44:26 | 000,030,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\698237a4d8cdffc93832a0b95dfc002e\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013-09-24 14:44:07 | 000,018,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\c03cbfdf1c9ffdc70c54318f2b05c239\Interop.DeviceServiceModelDBLib.ni.dll
MOD - [2013-09-24 14:44:04 | 000,187,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1921c5cb9941147f2954c22668bd2c81\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013-09-24 14:42:22 | 000,395,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CabLib\6a94081144d30902c2b577b86b60a372\CabLib.ni.dll
MOD - [2013-09-24 14:42:18 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\3086d141c6ce19b137f2b32ffc4dc2fa\Interop.DeviceSearchLib.ni.dll
MOD - [2013-09-24 14:42:17 | 001,644,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Locale\55d9ef4648cf7bf52dbb5c1133c6905e\Kies.Locale.ni.dll
MOD - [2013-09-24 14:42:15 | 000,079,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\8a7f8d009ea559fc9f3e864e013205c8\Kies.MVVM.ni.dll
MOD - [2013-09-24 14:38:50 | 000,770,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ab934d739a0906bec56492882d935e57\System.Runtime.Remoting.ni.dll
MOD - [2013-09-19 18:37:01 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013-09-19 18:12:18 | 001,801,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013-09-19 15:50:10 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013-09-19 15:49:19 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013-07-10 00:48:18 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013-04-21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013-04-21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013-03-24 13:17:17 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-10-10 15:57:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-10-10 10:34:45 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-09-19 15:14:24 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013-09-19 15:14:07 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013-09-19 15:14:02 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013-09-05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2008-10-02 11:22:20 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe -- (SandraAgentSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013-09-19 15:14:33 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013-09-19 15:14:33 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013-06-24 09:53:59 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-06-21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-03-24 13:17:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011-06-02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009-08-07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2002-07-07 13:53:32 | 000,296,179 | ---- | M] (SigmaTel Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97na.sys -- (STAC97NA)
DRV - [2002-07-07 13:52:46 | 000,231,983 | ---- | M] (SigmaTel Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97nh.sys -- (STAC97NH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {FF541736-0706-4575-9C2C-7DBFC6F3B24A}
IE - HKU\.DEFAULT\..\SearchScopes\{FF541736-0706-4575-9C2C-7DBFC6F3B24A}: "URL" = http://websearch.ask...1E-B2E6F28D5F18
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {FF541736-0706-4575-9C2C-7DBFC6F3B24A}
IE - HKU\S-1-5-18\..\SearchScopes\{FF541736-0706-4575-9C2C-7DBFC6F3B24A}: "URL" = http://websearch.ask...1E-B2E6F28D5F18
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.avira....EU&locale=nl_NL
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 1D 78 FF 7D 95 CD 01 [binary data]
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\..\SearchScopes,DefaultScope = {B16C97B2-33E0-42CA-96F9-E7A70567AA27}
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\..\SearchScopes\{B16C97B2-33E0-42CA-96F9-E7A70567AA27}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\..\SearchScopes\CEB4644C31D947E0B8F1DB4980F8D9D4: "URL" = http://websearch.ask...1E-B2E6F28D5F18
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://search.avira....U&locale=nl_NL"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130924
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-09-19 18:53:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-09-19 18:50:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2013-03-24 17:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Extensions
[2013-10-13 14:40:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions
[2013-10-13 14:40:47 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013-09-19 17:01:48 | 000,128,676 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\[email protected]
[2013-09-19 17:01:48 | 001,314,979 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\[email protected]
[2013-10-13 13:51:12 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-03-24 17:56:32 | 000,138,614 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013-09-19 16:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-09-19 17:00:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-09-19 18:53:37 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013-09-19 18:50:25 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - homepage: http://search.avira....EU&locale=nl_NL
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: JavaÖ Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Documenten = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Documenten = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.12_0\
CHR - Extension: YouTube = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Zoeken = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Adblock Pro = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1614895754-879983540-1606980848-1003..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-1614895754-879983540-1606980848-1003..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-879983540-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1364126438671 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.23.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBBB6759-C7E8-4871-BD0D-F6CF94A8EA25}: DhcpNameServer = 192.168.23.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Ierland.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Ierland.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-09-18 10:23:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-10-13 17:36:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
[2013-10-13 14:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Revo Uninstaller
[2013-10-13 14:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013-10-13 14:51:29 | 002,623,656 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
[2013-10-13 12:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013-10-06 14:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Foxit Reader
[2013-10-06 13:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\iTunes
[2013-10-06 13:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013-10-06 13:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013-10-06 13:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013-09-24 14:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenten\NativeFus_Log
[2013-09-24 14:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenten\CrashDump
[2013-09-24 14:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Samsung
[2013-09-24 14:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Application Data\Samsung
[2013-09-24 14:33:13 | 000,000,000 | ---D | C] -- D:\Gebruikers\Eigenaar\Mijn Documenten\samsung
[2013-09-24 14:31:27 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudserd.sys
[2013-09-24 14:31:24 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudmdm.sys
[2013-09-24 14:31:21 | 000,084,248 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2013-09-24 14:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Samsung
[2013-09-24 14:25:40 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2013-09-24 14:24:57 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2013-09-24 14:24:57 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2013-09-24 14:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2013-09-24 14:23:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013-09-24 14:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Downloaded Installations
[2013-09-19 18:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Application Data\RealNetworks
[2013-09-19 18:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013-09-19 18:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013-09-19 18:51:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013-09-19 16:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-10-13 18:02:01 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013-10-13 17:36:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
[2013-10-13 17:33:17 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-10-13 17:23:34 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
[2013-10-13 17:23:31 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
[2013-10-13 17:23:20 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-10-13 17:23:08 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-10-13 17:21:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-10-13 17:09:01 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-10-13 14:52:04 | 000,000,924 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
[2013-10-13 14:51:25 | 002,623,656 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
[2013-10-13 14:27:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013-10-13 14:20:39 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D00FDB6F-8963-405A-804E-BB510CC46110}.job
[2013-10-13 13:53:46 | 000,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
[2013-10-13 12:30:39 | 000,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-10-11 13:11:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-10-11 13:01:17 | 000,552,774 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2013-10-11 13:01:17 | 000,481,188 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-10-11 13:01:17 | 000,100,822 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2013-10-11 13:01:17 | 000,079,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-10-06 14:53:53 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
[2013-10-06 13:49:19 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
[2013-09-24 14:34:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013-09-24 14:32:33 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies (Lite).lnk
[2013-09-24 14:32:33 | 000,001,640 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies.lnk
[2013-09-24 14:25:45 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013-09-24 14:25:45 | 000,001,658 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013-09-19 18:50:09 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013-09-19 18:00:54 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-09-19 15:14:33 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013-09-19 15:14:33 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-10-13 14:52:04 | 000,000,924 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
[2013-10-13 13:53:46 | 000,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
[2013-10-06 14:53:53 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
[2013-10-06 14:53:51 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll
[2013-10-06 13:49:19 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
[2013-09-24 14:48:32 | 000,131,222 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013-09-24 14:32:33 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies (Lite).lnk
[2013-09-24 14:32:33 | 000,001,640 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies.lnk
[2013-09-24 14:25:45 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013-09-24 14:25:45 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013-06-25 11:33:41 | 000,124,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-06-24 13:55:54 | 013,709,312 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Application Data\Sandra.mdb
[2013-04-18 19:07:00 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013-04-18 19:06:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013-04-18 19:06:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013-04-18 19:06:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013-04-18 19:06:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013-03-24 16:06:58 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Local Settings\Application Data\fusioncache.dat
[2012-09-18 12:13:39 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-09-18 11:12:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-09-18 10:31:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-09-18 10:19:50 | 000,021,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-02-15 17:16:19 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

========== ZeroAccess Check ==========

[2013-03-24 15:09:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012-02-15 17:06:50 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2012-02-15 17:06:07 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 23:32:46 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013-10-06 13:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013-09-24 14:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013-06-09 21:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2013-06-28 10:20:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bezoekers\Application Data\AskToolbar
[2013-10-11 13:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bezoekers\Application Data\CallingID
[2013-09-25 13:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bezoekers\Application Data\iPumper
[2013-08-25 00:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bezoekers\Application Data\Thunderbird
[2013-03-24 15:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\AskToolbar
[2013-10-13 13:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\CallingID
[2013-06-25 09:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Foxit Software
[2012-09-18 12:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\OpenOffice.org
[2013-09-24 14:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Samsung
[2013-07-09 09:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Thunderbird
[2013-06-25 11:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gast\Application Data\AskToolbar
[2013-06-26 13:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gast\Application Data\CallingID
[2013-06-25 09:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013-10-11 09:57:55 | 100,446,413 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᙈ⬨召6
[2013-10-11 09:57:55 | 100,446,413 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᙈ⬨召6
[2013-10-10 09:43:44 | 100,221,909 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\丷ꞛ召6
[2013-10-10 09:43:44 | 100,221,909 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\丷ꞛ召6
[2013-10-09 09:57:56 | 100,120,694 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䘠凹召6
[2013-10-09 09:57:56 | 100,120,694 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䘠凹召6
[2013-10-08 15:14:16 | 099,859,239 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\顶隱召6
[2013-10-08 15:14:16 | 099,859,239 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\顶隱召6
[2013-10-06 12:51:53 | 099,399,748 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\뎔淅召6
[2013-10-06 12:51:53 | 099,399,748 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\뎔淅召6
[2013-09-26 07:38:25 | 097,892,804 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\偕召6
[2013-09-26 07:38:25 | 097,892,804 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\偕召6
[2013-09-25 09:36:53 | 097,673,008 | ---- | M] ()(C:\WINDOWS\System32\O??6) -- C:\WINDOWS\System32\O↫召6
[2013-09-25 09:36:53 | 097,673,008 | ---- | C] ()(C:\WINDOWS\System32\O??6) -- C:\WINDOWS\System32\O↫召6
[2013-09-24 10:16:35 | 098,852,061 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ꅓ먔召6
[2013-09-24 10:16:35 | 098,852,061 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ꅓ먔召6
[2013-09-23 10:47:51 | 098,615,842 | ---- | M] ()(C:\WINDOWS\System32\?s?6) -- C:\WINDOWS\System32\s召6
[2013-09-23 10:47:51 | 098,615,842 | ---- | C] ()(C:\WINDOWS\System32\?s?6) -- C:\WINDOWS\System32\s召6

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Guess you are stuck with me again. We used to recommend Avira a lot until they went over to the dark side and started foisting the Ask toolbar. Following step makes it a little easier to fix things:

1. Open Avira AntiVir Personal. (There is likely an icon on your desktop, or in your system tray by the clock.)
2. Click the "Configuration" link on the main screen. This opens the configuration panel.
3. Check the "Expert mode" option.
4. Click on General > Security.
5. *Uncheck* the option titled "Protect files and registry entries from manipulation".
6. Click the "OK" button.
7. Reboot your computer.


Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Download aswMBR.exe to your desktop.
Run aswMBR.exe (Vista or Win 7 => right click and Run As Administrator)

uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply


Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

(If you do not already have OTL then: Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.)

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
dir C:\ /S /A:L /C
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%ProgramFiles%\WINDOWS NT\*.* /s
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


Ron
  • 0

#3
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Mistake i made in the post about the other public comp, to get online i reset the router not the modem. I quote myself :

Our 2 public computers have been used continuously all morning and early afternoon in Guest-account + there-after closed like they should be closed. Nevertheless – and despite systemtray-icon said the comps did have a good connection - i did not have propper Internet-connection in Owner-account. Tried FireFox, Chrome, IE and MSSE-update on this-one. On the other public comp (#1) Avira could update (or so it seemed) while FF, Chrome, IE and Foxit PDFreader did not get a connection.
On this comp IE troubleshooting advised to reset modem and/or router, resetting Modem was enough to get a connection for the computer


[edit] Before i wrote and posted this report, i visited Guest-account offline and opened iPumper, it was still working. When i used ctrl-Alt-Del taskmanager opened 22 times. I noticed in Start -> all programs that there was an uninstaller for iPumper and i used it. It uninstalled without special permission, after all, it was Guest-acc.

Next scans will be made friday and/or in the weekend. Tomorrow we are visited by the State Secratary for (schooling,) Social Policy, (Healing). It'll be a memorable day. [endEdit]


No OTL Extra.for this computer.

When scans completed i went offline deliberately with both computers. Writing report for 2nd computer, Avira detected 2 instances of TR/trash.Gen, they are quaranteined. In Avira Events i see that this morning and early afternoon TR/trash.Gen has manifested and was blocked.

from Avira -> events :
Begin scan in 'C:\System Volume Information\_restore{26132161-1802-46AC-AE0C-3F73BD906AA8}\RP53\A0016401.exe'
C:\System Volume Information\_restore{26132161-1802-46AC-AE0C-3F73BD906AA8}\RP53\
C:\System Volume Information\_restore{26132161-1802-46AC-AE0C-3F73BD906AA8}\RP53\A0016401.exe
[DETECTIE] Is het trojaanse paard TR/Trash.Gen

Er wordt begonnen met desinfecteren:
C:\System Volume Information\_restore{26132161-1802-46AC-AE0C-3F73BD906AA8}\RP53\A0016401.exe
[DETECTIE] Is het trojaanse paard TR/Trash.Gen
[OPMERKING] Het bestand verplaatst naar de quarantainemap onder de naam '51406351.qua'.



# AdwCleaner v3.007 - Report created 16/10/2013 at 16:06:37
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Eigenaar - EIGENAAR-PC
# Running from : C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-2-AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Eigenaar\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Eigenaar\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Bezoekers\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Bezoekers\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Gast\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Gast\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\jetpack
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (nl)

[ File : C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=nl_NL");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

[ File : C:\Documents and Settings\Bezoekers\Application Data\Mozilla\Firefox\Profiles\wwss62e6.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=nl_NL");

[ File : C:\Documents and Settings\Gast\Application Data\Mozilla\Firefox\Profiles\vcka7sxy.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=nl_NL");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v30.0.1599.69

[ File : C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

[ File : C:\Documents and Settings\Bezoekers\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************
AdwCleaner[R0].txt - [9669 octets] - [16/10/2013 15:57:52]
AdwCleaner[S0].txt - [9723 octets] - [16/10/2013 16:06:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9783 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Eigenaar on wo 16-10-2013 at 16:19:49,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\Eigenaar\Application Data\mozilla\firefox\profiles\rjfq1y1i.default\extensions\staged


~~~ Chrome

Successfully deleted: [Folder] C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on wo 16-10-2013 at 16:31:31,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-10-16 16:39:25
-----------------------------
16:39:25.875 OS Version: Windows 5.1.2600 Service Pack 3
16:39:25.875 Number of processors: 1 586 0x209
16:39:25.875 ComputerName: EIGENAAR-PC UserName: Eigenaar
16:39:26.859 Initialize success
17:05:01.875 AVAST engine defs: 13101600
17:07:39.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
17:07:39.468 Disk 0 Vendor: Maxtor_6E040L0 NAR61EA0 Size: 39204MB BusType: 3
17:07:39.468 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
17:07:39.484 Disk 1 Vendor: Maxtor_6E040L0 NAR61590 Size: 39204MB BusType: 3
17:07:39.625 Disk 0 MBR read successfully
17:07:39.625 Disk 0 MBR scan
17:07:39.890 Disk 0 Windows XP default MBR code
17:07:39.921 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39197 MB offset 63
17:07:40.171 Disk 0 scanning sectors +80276805
17:07:40.390 Disk 0 scanning C:\WINDOWS\system32\drivers
17:08:08.171 Service scanning
17:08:39.906 Modules scanning
17:08:55.703 AVAST engine scan C:\WINDOWS
17:09:19.562 AVAST engine scan C:\WINDOWS\system32
17:18:48.968 AVAST engine scan C:\WINDOWS\system32\drivers
17:19:14.187 AVAST engine scan C:\Documents and Settings\Eigenaar
17:24:05.578 AVAST engine scan C:\Documents and Settings\All Users
17:25:50.515 Scan finished successfully
17:28:12.125 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\All Users\Documenten\aReebok Maintenance\Logs\MBR.dat"
17:28:12.140 The log file has been saved successfully to "C:\Documents and Settings\All Users\Documenten\aReebok Maintenance\Logs\16okt2013-4-aswMBR.txt"


Summary
Operating System
Windows XP Home Edition 32-bit SP3
CPU
Intel Celeron
Northwood 0.13um Technology
RAM
512MB DDR @ 132MHz (2.5-3-3-6)
Motherboard
NEC N4-IBFGL (SOCKET 478 M/B) 27 °C
Graphics
Standaardbeeldscherm ([email protected])
Intel 82845G/GL/GE/PE/GV Graphics Controller (Packard Bell B.V.)
Hard Drives
38,3GB Maxtor 6E040L0 (ATA) 40 °C
38,3GB Maxtor 6E040L0 (ATA) 40 °C
Optical Drives
HL-DT-ST CD-ROM GCR-8482B
Audio
SigmaTel C-Major Audio
Operating System
Windows XP Home Edition 32-bit SP3
Computer type: Desktop
Installation Date: 18-9-2012 10:30:57
Serial Number:
Windows Security Center
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every Day
Schedule Time 12:00
Antivirus
Antivirus Enabled
Company Name Avira
Display Name Avira Desktop
Product Version 13.6.20.2100
Virus Signature Database Up to date
.NET Frameworks installed
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
v1.1 SP1
Internet Explorer
Version 8.0.6001.18702
PowerShell
Version 2.0
Environment Variables
USERPROFILE C:\Documents and Settings\Eigenaar
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\Eigenaar\Local Settings\Temp
TMP C:\Documents and Settings\Eigenaar\Local Settings\Temp
MOZ_PLUGIN_PATH C:\Program Files\Foxit Software\Foxit Reader\plugins\
Machine Variables
ComSpec C:\WINDOWS\system32\cmd.exe
Path C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\System32\Wbem
C:\WINDOWS\system32\WindowsPowerShell\v1.0
C:\Program Files\QuickTime\QTSystem\
windir C:\WINDOWS
FP_NO_HOST_CHECK NO
OS Windows_NT
PROCESSOR_ARCHITECTURE x86
PROCESSOR_LEVEL 15
PROCESSOR_IDENTIFIER x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_REVISION 0209
NUMBER_OF_PROCESSORS 1
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
PSModulePath C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
SAN_DIR C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4
GPU_MAX_ALLOC_PERCENT 100
asl.log Destination=file
CLASSPATH .;C:\Program Files\QuickTime\QTSystem\QTJava.zip
QTJAVA C:\Program Files\QuickTime\QTSystem\QTJava.zip
Power Profile
Active power scheme Thuis/kantoor
Hibernation Disabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) Never
Suspend after: (On AC Power) Never
Screen saver Enabled
Uptime
Current Session
Current Time 16-10-2013 17:33:36
Current Uptime 5.027 sec (0 d, 01 h, 23 m, 47 s)
Last Boot Time 16-10-2013 16:09:49
TimeZone
TimeZone GMT +1:00 Hours
Language Nederlands (Nederland)
Location Nederland
Format Nederlands (Nederland)
Currency €
Date Format d-M-yyyy
Time Format H:mm:ss
Process List
alg.exe
Process ID 2172
Path C:\WINDOWS\System32\alg.exe
Memory Usage 96 KB
Peak Memory Usage 3,20 MB
AppleMobileDeviceService.exe
Process ID 1664
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 640 KB
Peak Memory Usage 13 MB
avgnt.exe
Process ID 2044
User Eigenaar
Domain EIGENAAR-PC
Path C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Memory Usage 2,80 MB
Peak Memory Usage 210 MB
avguard.exe
Process ID 1652
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avguard.exe
Memory Usage 46 MB
Peak Memory Usage 284 MB
avshadow.exe
Process ID 2524
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
Memory Usage 48 KB
Peak Memory Usage 2,61 MB
avwebgrd.exe
Process ID 2780
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
Memory Usage 464 KB
Peak Memory Usage 8,59 MB
csrss.exe
Process ID 596
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 1,85 MB
Peak Memory Usage 3,33 MB
ctfmon.exe
Process ID 420
User Eigenaar
Domain EIGENAAR-PC
Path C:\WINDOWS\system32\ctfmon.exe
Memory Usage 1,46 MB
Peak Memory Usage 3,52 MB
explorer.exe
Process ID 3108
User Eigenaar
Domain EIGENAAR-PC
Path C:\WINDOWS\explorer.exe
Memory Usage 10 MB
Peak Memory Usage 23 MB
GoogleCrashHandler.exe
Process ID 216
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
Memory Usage 416 KB
Peak Memory Usage 2,51 MB
hkcmd.exe
Process ID 1992
User Eigenaar
Domain EIGENAAR-PC
Path C:\WINDOWS\system32\hkcmd.exe
Memory Usage 312 KB
Peak Memory Usage 3,94 MB
igfxtray.exe
Process ID 2004
User Eigenaar
Domain EIGENAAR-PC
Path C:\WINDOWS\system32\igfxtray.exe
Memory Usage 308 KB
Peak Memory Usage 3,84 MB
Kies.exe
Process ID 432
User Eigenaar
Domain EIGENAAR-PC
Path C:\Program Files\Samsung\Kies\Kies.exe
Memory Usage 2,70 MB
Peak Memory Usage 21 MB
KiesTrayAgent.exe
Process ID 400
User Eigenaar
Domain EIGENAAR-PC
Path C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
Memory Usage 876 KB
Peak Memory Usage 8,76 MB
lsass.exe
Process ID 680
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 2,08 MB
Peak Memory Usage 6,29 MB
mDNSResponder.exe
Process ID 1688
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 436 KB
Peak Memory Usage 3,18 MB
realsched.exe
Process ID 384
User Eigenaar
Domain EIGENAAR-PC
Path C:\program files\real\realplayer\update\realsched.exe
Memory Usage 152 KB
Peak Memory Usage 3,04 MB
recordingmanager.exe
Process ID 3104
User Eigenaar
Domain EIGENAAR-PC
Path C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Memory Usage 1,08 MB
Peak Memory Usage 7,47 MB
rndlresolversvc.exe
Process ID 1924
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
Memory Usage 48 KB
Peak Memory Usage 2,32 MB
sched.exe
Process ID 1516
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\sched.exe
Memory Usage 620 KB
Peak Memory Usage 5,09 MB
services.exe
Process ID 668
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 1,74 MB
Peak Memory Usage 3,52 MB
smss.exe
Process ID 532
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 44 KB
Peak Memory Usage 692 KB
Speccy.exe
Process ID 1368
User Eigenaar
Domain EIGENAAR-PC
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 20 MB
Peak Memory Usage 38 MB
spoolsv.exe
Process ID 1468
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 1,22 MB
Peak Memory Usage 4,80 MB
svchost.exe
Process ID 1344
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 1,63 MB
Peak Memory Usage 6,21 MB
svchost.exe
Process ID 1248
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 1,34 MB
Peak Memory Usage 2,96 MB
svchost.exe
Process ID 1056
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 120 KB
Peak Memory Usage 3,24 MB
svchost.exe
Process ID 1020
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 35 MB
svchost.exe
Process ID 924
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 1,49 MB
Peak Memory Usage 4,46 MB
svchost.exe
Process ID 844
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 1,46 MB
Peak Memory Usage 3,72 MB
svchost.exe
Process ID 2848
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 244 KB
Peak Memory Usage 3,36 MB
svchost.exe
Process ID 1580
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 652 KB
Peak Memory Usage 3,75 MB
System
Process ID 4
Memory Usage 40 KB
Peak Memory Usage 2,00 MB
System Idle Process
Process ID 0
taskmgr.exe
Process ID 2932
User Eigenaar
Domain EIGENAAR-PC
Path C:\WINDOWS\system32\taskmgr.exe
Memory Usage 1,78 MB
Peak Memory Usage 4,75 MB
winampa.exe
Process ID 352
User Eigenaar
Domain EIGENAAR-PC
Path C:\Program Files\Winamp\winampa.exe
Memory Usage 276 KB
Peak Memory Usage 2,67 MB
winlogon.exe
Process ID 624
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 1,47 MB
Peak Memory Usage 13 MB
wmiprvse.exe
Process ID 4080
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 7,99 MB
Peak Memory Usage 8,00 MB
Scheduler
16-10-2013 17:33;elke 1 uur, vanaf 0:33 uur, gedurende 24 uur elke dag, te beginnen op 1-1-2000 Adobe Flash Player Updater
16-10-2013 18:09;elke 1 uur, vanaf 13:09 uur, gedurende 24 uur elke dag, te beginnen op 13-10-2013 GoogleUpdateTaskMachineUA
17-10-2013 13:09;Uitvoeren bij aanmelden GoogleUpdateTaskMachineCore
19-10-2013 22:47;om 22:47 uur, elke za van elke week, te beginnen op 24-6-2013 AppleSoftwareUpdate
23-10-2013 16:16;om 16:16 uur, elke 7 dagen, te beginnen op 16-10-2013 RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003
Uitvoeren bij aanmelden RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003
Hotfixes
13-10-2013 KB951847: Microsoft .NET Framework 3.5 Service Pack 1 en .NET Framework 3.5 Family Update x86 voor .NET-versies 2.0 tot en met 3.5
Microsoft .NET Framework 3.5 Service Pack 1 is een volledige,
cumulatieve update die veel nieuwe functies bevat, die stuk voor
stuk voortbouwen op .NET Framework 2.0, 3.0 en 3.5. De update
bevat ook cumulatieve serviceupdates voor de subcomponenten van
.NET Framework 2.0 en .NET Framework 3.0. De .NET Framework 3.5
Family Update biedt belangrijke updates voor toepassingscompatibiliteit.
Deze combinatie van servicepack en update is geschikt voor .NET-versies
2.0 tot en met 3.5.
11-10-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2863239)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 KB2847311: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 KB2862335: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 Beveiligingsupdate voor Microsoft .NET Framework 4 voor XP, Server 2003, Vista en Server 2008 voor x86-systemen (KB2861188)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - oktober 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het één keer
uitgevoerd om te controleren of uw computer is geïnfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
11-10-2013 Beveiligingsupdate voor Microsoft Silverlight (KB2890788)
Deze beveiligingsupdate voor Silverlight bevat fixes die worden
beschreven in KB-artikel 2890788. Deze update is achterwaarts
compatibel met webtoepassingen die zijn gemaakt met eerdere versies
van Silverlight.
11-10-2013 KB2861697: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 KB2879017: Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 KB2883150: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 KB2862330: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2861189)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
11-10-2013 KB2858302: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 Update voor Microsoft .NET Framework 2.0 SP2 voor Windows Server 2003 en Windows XP voor x86-systemen (KB2836941)
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt geïnstalleerd,
moet u de computer mogelijk opnieuw opstarten.
19-9-2013 Update voor basiscertificaten voor Windows XP [augustus 2013] (KB931125)
Met dit pakket wordt de lijst met basiscertificaten op uw computer
bijgewerkt naar de lijst die door Microsoft wordt geaccepteerd
in het kader van het Microsoft-programma voor basiscertificaten.
Door de installatie van aanvullende basiscertificaten op de computer
kunt u gebruik maken van uitgebreide validatiecertificaten in
Internet Explorer en een groter aantal beveiligde webnavigatie-,
versleutelde e-mail- en beveiligde coderingstoepassingen. Wanneer
u deze update hebt geïnstalleerd, moet u de computer mogelijk
opnieuw opstarten. Deze update kan na installatie niet worden
verwijderd.
19-9-2013 KB928416: Taalpakket voor Microsoft .NET Framework 3.0: x86
Microsoft NET Framework 3.0 is het programmeermodel voor begeleide
code voor Windows. Met versie 3.0 wordt versie 2.0 uitgebreid
met nieuwe technologieën waarmee toepassingen kunnen worden voorzien
van visueel intrigerende gebruikerservaringen, naadloze communicatie
over technologiegrenzen heen en de mogelijkheid om een groot
aantal bedrijfsprocessen te ondersteunen. Wanneer u deze update
hebt geïnstalleerd, moet u de computer mogelijk opnieuw opstarten.
19-9-2013 KB2864063: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - september 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het één keer
uitgevoerd om te controleren of uw computer is geïnfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
19-9-2013 KB2870699: Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 KB2876217: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 KB2876315: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 Beveiligingsupdate voor Windows Media Format Runtime 11 voor Windows XP (KB2834904)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 KB2850869: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2844285)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 KB2840628: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 KB2863058: Update voor Windows XP
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt geïnstalleerd,
moet u de computer mogelijk opnieuw opstarten.
19-9-2013 KB2859537: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
19-9-2013 KB2849470: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
10-7-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - juli 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het één keer
uitgevoerd om te controleren of uw computer is geïnfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
10-7-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - juli 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het één keer
uitgevoerd om te controleren of uw computer is geïnfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
9-7-2013 KB2850851: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2846071)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2845187: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2844285)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2840629: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2840628: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Windows Media Format Runtime 11 voor Windows XP (KB2834904)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2834886: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft .NET Framework 4 voor XP, Server 2003, Vista en Server 2008 voor x86-systemen (KB2832407)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2832411)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - juli 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het één keer
uitgevoerd om te controleren of uw computer is geïnfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
9-7-2013 KB2850851: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2846071)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2845187: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2844285)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2840629: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2840628: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Windows Media Format Runtime 11 voor Windows XP (KB2834904)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2834886: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft .NET Framework 4 voor XP, Server 2003, Vista en Server 2008 voor x86-systemen (KB2832407)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2832411)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2833940)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 KB2833941: Beveiligingsupdate voor Microsoft .NET Framework 1.1 SP1 op Windows XP, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-7-2013 Beveiligingsupdate voor Microsoft Silverlight (KB2847559)
Deze beveiligingsupdate voor Silverlight bevat fixes die worden
beschreven in KB-artikel 2847559. Deze update is achterwaarts
compatibel met webtoepassingen die zijn gemaakt met eerdere versies
van Silverlight.
9-7-2013 KB2835393: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt geïnstalleerd, moet u de computer wellicht
opnieuw opstarten.

Edited by Admirgency, 16 October 2013 - 03:20 PM.

  • 0

#4
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
24-6-2013 Update voor Microsoft .NET Framework 2.0 SP2 voor Windows Server 2003 en Windows XP voor x86-systemen (KB2836941)
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-6-2013 Update voor Microsoft .NET Framework 3.5 SP1 voor Windows XP, Server 2003, Vista en Server 2008 voor x86-systemen (KB2836940)
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-6-2013 KB2836939: Update voor Microsoft .NET Framework 4 op XP, Server 2003, Vista, Windows 7 en Windows Server 2008 x86
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-6-2013 KB2808679: Update voor Windows XP
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-6-2013 Update voor basiscertificaten voor Windows XP [mei 2013] (KB931125)
Met dit pakket wordt de lijst met basiscertificaten op uw computer
bijgewerkt naar de lijst die door Microsoft wordt geaccepteerd
in het kader van het Microsoft-programma voor basiscertificaten.
Door de installatie van aanvullende basiscertificaten op de computer
kunt u gebruik maken van uitgebreide validatiecertificaten in
Internet Explorer en een groter aantal beveiligde webnavigatie-,
versleutelde e-mail- en beveiligde coderingstoepassingen. Wanneer
u deze update hebt ge´nstalleerd, moet u de computer mogelijk
opnieuw opstarten. Deze update kan na installatie niet worden
verwijderd.
24-6-2013 KB928416: Taalpakket voor Microsoft .NET Framework 3.0: x86
Microsoft NET Framework 3.0 is het programmeermodel voor begeleide
code voor Windows. Met versie 3.0 wordt versie 2.0 uitgebreid
met nieuwe technologieŰn waarmee toepassingen kunnen worden voorzien
van visueel intrigerende gebruikerservaringen, naadloze communicatie
over technologiegrenzen heen en de mogelijkheid om een groot
aantal bedrijfsprocessen te ondersteunen. Wanneer u deze update
hebt ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-6-2013 KB2839229: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
24-6-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - juni 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het ÚÚn keer
uitgevoerd om te controleren of uw computer is ge´nfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
24-6-2013 Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2838727)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-6-2013 Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2829530)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-6-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2804577)
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende
gebruiker acties of gedrag van een systeem verkeerd kan weergeven
zonder medeweten van de gebruiker. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
9-6-2013 KB2804576: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende
gebruiker acties of gedrag van een systeem verkeerd kan weergeven
zonder medeweten van de gebruiker. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
9-6-2013 Beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2847204)
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-6-2013 KB2820917: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-6-2013 KB2820197: Cumulatieve beveiligingsupdate voor ActiveX Killbits voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-6-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - mei 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het ÚÚn keer
uitgevoerd om te controleren of uw computer is ge´nfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
9-6-2013 KB2813170: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
9-6-2013 KB2829361: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld bij een softwareproduct
van Microsoft dat invloed kan hebben op uw systeem. Installeer
deze update van Microsoft om uw systeem hiertegen te beveiligen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel.
Nadat u deze update hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
24-3-2013 Update voor basiscertificaten voor Windows XP [december 2012] (KB931125)
Met dit pakket wordt de lijst met basiscertificaten op uw computer
bijgewerkt naar de lijst die door Microsoft wordt geaccepteerd
in het kader van het Microsoft-programma voor basiscertificaten.
Door de installatie van aanvullende basiscertificaten op de computer
kunt u gebruik maken van uitgebreide validatiecertificaten in
Internet Explorer en een groter aantal beveiligde webnavigatie-,
versleutelde e-mail- en beveiligde coderingstoepassingen. Wanneer
u deze update hebt ge´nstalleerd, moet u de computer mogelijk
opnieuw opstarten. Deze update kan na installatie niet worden
verwijderd.
24-3-2013 Windows Live Essentials
Windows Live Essentials is de naam voor een reeks van gratis
programma's waarmee je contact kunt houden met de mensen die
belangrijk voor je zijn, herinneringen en foto's kunt bewerken
en uitwisselen, en waarmee je zelfs je kinderen online kunt beschermen.
Deze programma's zijn bijvoorbeeld Windows Live Messenger, Mail,
Writer, Photo Gallery, Family Safety, Toolbar en Movie Maker.
24-3-2013 KB2600217: Update voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Deze update heeft betrekking op de stabiliteit, betrouwbaarheid
en prestaties van Microsoft .NET Framework 4. Nadat u deze update
hebt ge´nstalleerd, moet u de computer opnieuw opstarten.
24-3-2013 KB2632503: Update voor Windows XP
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-3-2013 KB2468871: Update voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Installeer deze update om problemen in Microsoft .NET Framework
4 op te lossen. Zie voor een complete lijst met problemen die
in deze update zijn opgenomen het bijbehorende Microsoft Knowledge
Base-artikel voor meer informatie. Wanneer u deze update hebt
ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-3-2013 KB2533523: Update voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Deze update heeft betrekking op de stabiliteit, betrouwbaarheid
en prestaties van Microsoft .NET Framework 4. Nadat u deze update
hebt ge´nstalleerd, moet u de computer opnieuw opstarten.
24-3-2013 KB968930: Windows PowerShell 2.0 en WinRM 2.0 voor Windows XP en Windows Embedded
Het basispakket voor Windows Management Framework bevat Windows
PowerShell 2.0 en Windows Remote Management (WinRM) 2.0. Zie
http://support.microsoft.com/kb/968929 voor meer informatie over
Windows Management Framework.
24-3-2013 KB928416: Taalpakket voor Microsoft .NET Framework 3.0: x86
Microsoft NET Framework 3.0 is het programmeermodel voor begeleide
code voor Windows. Met versie 3.0 wordt versie 2.0 uitgebreid
met nieuwe technologieŰn waarmee toepassingen kunnen worden voorzien
van visueel intrigerende gebruikerservaringen, naadloze communicatie
over technologiegrenzen heen en de mogelijkheid om een groot
aantal bedrijfsprocessen te ondersteunen. Wanneer u deze update
hebt ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-3-2013 KB951847: Microsoft .NET Framework 3.5 Service Pack 1 (x86-taalpakket)
Microsoft .NET Framework 3.5 Service Pack 1 is een volledige,
cumulatieve update die veel nieuwe functies bevat, die stuk voor
stuk voortbouwen op .NET Framework 2.0, 3.0 en 3.5. De update
bevat ook cumulatieve serviceupdates voor de subcomponenten van
.NET Framework 2.0 en .NET Framework 3.0.
24-3-2013 KB2742597: Beveiligingsupdate voor Microsoft .NET Framework 1.1 SP1 op Windows XP, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2742596)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2756918)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2604110)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2604111: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2657424: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2736416: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker ervoor kan zorgen dat de beschadigde
toepassing niet meer reageert. Installeer deze update van Microsoft
om uw computer hiertegen te beveiligen. Wanneer u deze update
hebt ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2656352)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2656407)
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende
gebruiker een beveiligingsfunctie van de software kan doorbreken
of omzeilen. Installeer deze update van Microsoft om uw systeem
hiertegen te beveiligen. Nadat u deze update hebt ge´nstalleerd,
moet u de computer wellicht opnieuw opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2742596)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2756918)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2604110)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2604111: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2657424: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2736416: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker ervoor kan zorgen dat de beschadigde
toepassing niet meer reageert. Installeer deze update van Microsoft
om uw computer hiertegen te beveiligen. Wanneer u deze update
hebt ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2656352)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2656407)
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende
gebruiker een beveiligingsfunctie van de software kan doorbreken
of omzeilen. Installeer deze update van Microsoft om uw systeem
hiertegen te beveiligen. Nadat u deze update hebt ge´nstalleerd,
moet u de computer wellicht opnieuw opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2729450)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2789643)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2789643)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2756918)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2736416: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker ervoor kan zorgen dat de beschadigde
toepassing niet meer reageert. Installeer deze update van Microsoft
om uw computer hiertegen te beveiligen. Wanneer u deze update
hebt ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2742596)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2729450)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2604111: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2657424: Beveiligingsupdate voor Microsoft .NET Framework 3.5 SP1 op Windows XP, Windows Server 2003, Windows Vista en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2656407)
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende
gebruiker een beveiligingsfunctie van de software kan doorbreken
of omzeilen. Installeer deze update van Microsoft om uw systeem
hiertegen te beveiligen. Nadat u deze update hebt ge´nstalleerd,
moet u de computer wellicht opnieuw opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2656352)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 3.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2604110)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft .NET Framework 2.0 SP2 op Windows Server 2003 en Windows XP x86 (KB2604092)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB982524: Update voor Microsoft .NET Framework 3.5 SP1 en .NET Framework 2.0 SP2 voor Windows Server 2003 en Windows XP x86
Met deze update verhelpt u een aantal bekende problemen met Microsoft
.NET Framework 3.5 Service Pack 1. Wanneer u deze update hebt
ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-3-2013 KB982168: Update voor Microsoft .NET Framework 3.5 SP1 voor Windows Server 2003 en Windows XP x86
Installeer deze update om verificatiereferenties in specifieke
scenario's te verbeteren. Als u deze update hebt ge´nstalleerd,
moet u de computer wellicht opnieuw opstarten
24-3-2013 Update voor .NET Framework 3.5 Service Pack 1 voor de .NET Framework Assistant 1.0 x86 (KB963707)
Met de update voor .NET Framework 3.5 Service Pack 1 voor de
.NET Framework Assistant 1.0 voor Firefox worden diverse compatibiliteitsproblemen
met versie 1.0 van de extensie opgelost.
24-3-2013 Microsoft .NET Framework 1.1 Service Pack 1
Met Microsoft .NET Framework 1.1 Service Pack 1 verhelpt u een
aantal problemen die zijn gevonden na de eerste release van .NET
Framework 1.1. Het gaat hierbij zowel om veiligheidsproblemen
als andere problemen. Als u deze update hebt ge´nstalleerd, moet
u de computer wellicht opnieuw opstarten. Dit onderdeel kan niet
worden verwijderd na installatie.
24-3-2013 KB951847: Microsoft .NET Framework 3.5 Service Pack 1 en .NET Framework 3.5 Family Update x86 voor .NET-versies 2.0 tot en met 3.5
Microsoft .NET Framework 3.5 Service Pack 1 is een volledige,
cumulatieve update die veel nieuwe functies bevat, die stuk voor
stuk voortbouwen op .NET Framework 2.0, 3.0 en 3.5. De update
bevat ook cumulatieve serviceupdates voor de subcomponenten van
.NET Framework 2.0 en .NET Framework 3.0. De .NET Framework 3.5
Family Update biedt belangrijke updates voor toepassingscompatibiliteit.
Deze combinatie van servicepack en update is geschikt voor .NET-versies
2.0 tot en met 3.5.
24-3-2013 Update voor basiscertificaten voor Windows XP [december 2012] (KB931125)
Met dit pakket wordt de lijst met basiscertificaten op uw computer
bijgewerkt naar de lijst die door Microsoft wordt geaccepteerd
in het kader van het Microsoft-programma voor basiscertificaten.
Door de installatie van aanvullende basiscertificaten op de computer
kunt u gebruik maken van uitgebreide validatiecertificaten in
Internet Explorer en een groter aantal beveiligde webnavigatie-,
versleutelde e-mail- en beveiligde coderingstoepassingen. Wanneer
u deze update hebt ge´nstalleerd, moet u de computer mogelijk
opnieuw opstarten. Deze update kan na installatie niet worden
verwijderd.
24-3-2013 Windows Live Essentials
Windows Live Essentials is de naam voor een reeks van gratis
programma's waarmee je contact kunt houden met de mensen die
belangrijk voor je zijn, herinneringen en foto's kunt bewerken
en uitwisselen, en waarmee je zelfs je kinderen online kunt beschermen.
Deze programma's zijn bijvoorbeeld Windows Live Messenger, Mail,
Writer, Photo Gallery, Family Safety, Toolbar en Movie Maker.
24-3-2013 KB2600217: Update voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Deze update heeft betrekking op de stabiliteit, betrouwbaarheid
en prestaties van Microsoft .NET Framework 4. Nadat u deze update
hebt ge´nstalleerd, moet u de computer opnieuw opstarten.
24-3-2013 KB2632503: Update voor Windows XP
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-3-2013 KB2468871: Update voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Installeer deze update om problemen in Microsoft .NET Framework
4 op te lossen. Zie voor een complete lijst met problemen die
in deze update zijn opgenomen het bijbehorende Microsoft Knowledge
Base-artikel voor meer informatie. Wanneer u deze update hebt
ge´nstalleerd, moet u de computer mogelijk opnieuw opstarten.
24-3-2013 KB2533523: Update voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Deze update heeft betrekking op de stabiliteit, betrouwbaarheid
en prestaties van Microsoft .NET Framework 4. Nadat u deze update
hebt ge´nstalleerd, moet u de computer opnieuw opstarten.
24-3-2013 KB951847: Microsoft .NET Framework 3.5 Service Pack 1 en .NET Framework 3.5 Family Update x86
Microsoft .NET Framework 3.5 Service Pack 1 is een volledige,
cumulatieve update die veel nieuwe functies bevat, die stuk voor
stuk voortbouwen op .NET Framework 2.0, 3.0 en 3.5. De update
bevat ook cumulatieve serviceupdates voor de subcomponenten van
.NET Framework 2.0 en .NET Framework 3.0. De .NET Framework 3.5
Family Update biedt belangrijke updates voor toepassingscompatibiliteit.
Deze combinatie van servicepack en update is geschikt voor systemen
waarop een versie van .Net voorafgaand aan versie 2.0 is ge´nstalleerd,
of voor systemen waarop niet eerder een versie van .NET is ge´nstalleerd.
24-3-2013 Microsoft .NET Framework versie 1.1 (Nederlands)
Microsoft .NET Framework is een onderdeel van het Windows-besturingssysteem.
Ontwikkelaars kunnen met .NET Framework eenvoudiger en sneller
krachtige software maken waarmee de prestaties, schaalbaarheid,
integratiemogelijkheden, betrouwbaarheid, beveiliging en eindgebruikerservaringen
worden geoptimaliseerd. Tevens kunnen de kosten voor distributie
en beheer tot een minimum worden beperkt.
24-3-2013 KB2789642: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2742595: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2729449: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2737019: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2604121: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2656351: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7 en Windows Server 2008 x86
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB982670: Microsoft .NET Framework 4 Client Profile voor Windows XP x86
Microsoft .NET Framework 4 Client Profile biedt een deelverzameling
van functies van .NET Framework 4. Client Profile is ontworpen
om clienttoepassingen uit te voeren en de installatie voor Windows
Presentation Foundation (WPF) en Windows Forms-technologie zo
snel mogelijk te maken.
24-3-2013 Beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2797052)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB890830: Windows-programma voor het verwijderen van schadelijke software - maart 2013
Nadat u dit hulpprogramma hebt gedownload, wordt het ÚÚn keer
uitgevoerd om te controleren of uw computer is ge´nfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
24-3-2013 KB2758857: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2778344: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een geverifieerde
lokale kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2799494: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een geverifieerde
lokale kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2779562: Update voor Windows XP
Installeer deze update om problemen op te lossen die worden veroorzaakt
door in diverse landen gewijzigde wetgeving betreffende tijdzones
en zomertijd. Met deze update wordt de computerklok op de juiste
datum in 2012 automatisch aangepast aan de gewijzigde wetgeving.
Wanneer u deze update hebt ge´nstalleerd, moet u de computer
mogelijk opnieuw opstarten.
24-3-2013 KB2802968: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Bijwerken voor Windows XP en Windows Server 2003 (KB2798897)
Installeer deze update om een probleem met een verplichte update
van het niet-vertrouwde certificaatarchief op Windows-systemen
op te lossen en om uw systeemlijst met certificaten actueel te
houden. Nadat u deze update hebt ge´nstalleerd, moet u de computer
wellicht opnieuw opstarten.
24-3-2013 KB2758694: Beveiligingsupdate voor Microsoft XML Core Services 4.0 Service Pack 3
Er is een beveiligingsprobleem vastgesteld in Microsoft XML Core
Services (MSXML) waardoor een kwaadwillende gebruiker uw Windows-systeem
kan beschadigen en beheer over het systeem kan krijgen. U kunt
uw computer hiertegen beveiligen door deze update van Microsoft
te installeren. Wanneer u deze update hebt ge´nstalleerd, moet
u de computer mogelijk opnieuw opstarten. Deze update kan na
installatie niet worden verwijderd.
24-3-2013 KB2780091: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2753842: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2770660: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2809289)
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende
gebruiker een systeem waarop Microsoft internet Explorer wordt
uitgevoerd, kan beschadigen en controle over het systeem kan
krijgen. Installeer deze update van Microsoft om uw computer
hiertegen te beveiligen. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-3-2013 KB2807986: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een geverifieerde
lokale kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2757638: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2749655: Update voor Windows XP
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
24-3-2013 Beveiligingsupdate voor Microsoft Silverlight (KB2814124)
Deze beveiligingsupdate voor Silverlight bevat fixes die worden
beschreven in KB-artikel 2814124. Deze update is achterwaarts
compatibel met webtoepassingen die zijn gemaakt met eerdere versies
van Silverlight.
24-3-2013 KB2727528: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
24-3-2013 KB2661254: Update voor Windows XP
Installeer deze update en verhoog het minimale versleutelingsniveau
op Windows-systemen zodat uw systeem up-to-date blijft. Nadat
u dit onderdeel hebt ge´nstalleerd, moet u de computer wellicht
opnieuw opstarten.
18-9-2012 Update voor basiscertificaten voor Windows XP [april 2012] (KB931125)
Met dit pakket wordt de lijst met basiscertificaten op uw computer
bijgewerkt naar de lijst die door Microsoft wordt geaccepteerd
in het kader van het Microsoft-programma voor basiscertificaten.
Door de installatie van aanvullende basiscertificaten op de computer
kunt u gebruik maken van uitgebreide validatiecertificaten in
Internet Explorer en een groter aantal beveiligde webnavigatie-,
versleutelde e-mail- en beveiligde coderingstoepassingen. Wanneer
u deze update hebt ge´nstalleerd, moet u de computer mogelijk
opnieuw opstarten. Deze update kan na installatie niet worden
verwijderd.
18-9-2012 KB2632503: Update voor Windows XP
Installeer deze update om problemen in Windows op te lossen.
Zie voor een complete lijst met problemen die in deze update
zijn opgenomen het bijbehorende Microsoft Knowledge Base-artikel
voor meer informatie. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
18-9-2012 KB2598845: Update voor de compatibiliteitsweergavelijst voor Internet Explorer 8 voor Windows XP
Dankzij deze update voor de compatibiliteitsweergavelijst zien
websites die voor oudere browsers zijn ontworpen er beter uit
in Internet Explorer 8. Bij het installeren van Internet Explorer
8 krijgt de gebruiker de optie voor een lijst met websites te
kiezen die moeten worden weergegeven in de compatibiliteitsweergave.
Wanneer u deze update hebt ge´nstalleerd, moet u Internet Explorer
wellicht opnieuw opstarten.
18-9-2012 Beveiligingsupdate voor herdistribueerbaar pakket Microsoft Visual C++ 2010 Service Pack 1 (KB2565063)
Er is een beveiligingsprobleem vastgesteld waardoor MFC-toepassingen
kwetsbaar worden voor DLL-invoeging omdat in MFC niet het volledige
pad naar systeem- en lokalisatie-DLL-bestanden wordt opgegeven.
U kunt uw computer beveiligen door deze update van Microsoft
te installeren. Nadat u dit item hebt ge´nstalleerd, moet u mogelijk
de computer opnieuw opstarten.
18-9-2012 KB2712808: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2707511: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een geverifieerde
lokale kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2731847: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een geverifieerde
lokale kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2659262: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2646524: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een geverifieerde
lokale kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2585542: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
toegang tot gegevens kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2631813: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2691442: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2655992: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
toegang tot gegevens kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2598479: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2736233: Updatepakket voor ActiveX Killbits voor Windows XP
Er zijn beveiligingsproblemen vastgesteld in ActiveX-besturingselementen
waardoor een kwaadwillende gebruiker kan inbreken op een systeem
met Microsoft Internet Explorer en beheer over het systeem kan
krijgen. Installeer deze update van Microsoft om uw systeem hiertegen
te beveiligen. Als u deze update hebt ge´nstalleerd, moet u de
computer wellicht opnieuw opstarten..
18-9-2012 KB2686509: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een geverifieerde
lokale kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB890830: Windows-programma voor het verwijderen van schadelijke software - september 2012
Nadat u dit hulpprogramma hebt gedownload, wordt het ÚÚn keer
uitgevoerd om te controleren of uw computer is ge´nfecteerd met
bepaalde soorten schadelijke software (inclusief Blaster, Sasser
en Mydoom). Eventuele infecties kunt u tevens met dit hulpprogramma
verwijderen. Wanneer een infectie wordt aangetroffen, wordt de
volgende keer dat u uw computer opstart een statusrapport weergegeven.
Er is iedere maand een nieuwe versie van dit hulpprogramma beschikbaar.
Als u het hulpprogramma handmatig op uw computer wilt uitvoeren,
kunt u een exemplaar downloaden via het Microsoft Downloadcentrum
of een onlineversie uitvoeren via microsoft.com. Dit hulpprogramma
is geen vervanging voor antivirussoftware. U moet een antivirusproduct
gebruiken om uw computer hiertegen te beveiligen.
18-9-2012 KB2705219: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2719985: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2718704: Update voor Windows XP
Installeer deze update om een probleem met een verplichte update
van de lijst met ingetrokken certificaten op Windows-systemen
op te lossen en om uw systeemlijst met certificaten actueel te
houden. Nadat u deze update hebt ge´nstalleerd, moet u de computer
wellicht opnieuw opstarten.
18-9-2012 KB2723135: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2603381: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2653956: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2721691: Beveiligingsupdate voor Microsoft XML Core Services 4.0 Service Pack 3
Er is een beveiligingsprobleem vastgesteld in Microsoft XML Core
Services (MSXML) waardoor een kwaadwillende gebruiker uw Windows-systeem
kan beschadigen en beheer over het systeem kan krijgen. U kunt
uw computer hiertegen beveiligen door deze update van Microsoft
te installeren. Wanneer u deze update hebt ge´nstalleerd, moet
u de computer mogelijk opnieuw opstarten. Deze update kan na
installatie niet worden verwijderd.
18-9-2012 KB2698365: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2676562: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2722913)
Er is een beveiligingsprobleem vastgesteld waardoor een kwaadwillende
gebruiker een systeem waarop Microsoft internet Explorer wordt
uitgevoerd, kan beschadigen en controle over het systeem kan
krijgen. Installeer deze update van Microsoft om uw computer
hiertegen te beveiligen. Wanneer u deze update hebt ge´nstalleerd,
moet u de computer mogelijk opnieuw opstarten.
18-9-2012 KB2510531: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 Beveiligingsupdate voor Microsoft Silverlight (KB2690729)
Deze beveiligingsupdate voor Silverlight bevat fixes die worden
beschreven in KB-artikelen 2681578 en 2690729. Deze update is
achterwaarts compatibel met webtoepassingen die zijn gemaakt
met eerdere versies van Silverlight.
18-9-2012 Beveiligingsupdate voor Internet Explorer 8 voor Windows XP (KB2544521)
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 Bijwerken voor Windows XP en Windows Server 2003 (KB2728973)
Installeer deze update om een probleem met een verplichte update
van het niet-vertrouwde certificaatarchief op Windows-systemen
op te lossen en om uw systeemlijst met certificaten actueel te
houden. Nadat u deze update hebt ge´nstalleerd, moet u de computer
wellicht opnieuw opstarten.
18-9-2012 KB2661637: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 KB2584146: Beveiligingsupdate voor Windows XP
Er is een beveiligingsprobleem vastgesteld waardoor een niet-geverifieerde
externe kwaadwillende gebruiker uw systeem kan beschadigen en
beheer over het systeem kan krijgen. Installeer deze update van
Microsoft om uw computer hiertegen te beveiligen. Wanneer u deze
update hebt ge´nstalleerd, moet u de computer mogelijk opnieuw
opstarten.
18-9-2012 Windows Update-agent 7.6.7600.256
Met de Windows Update-agent kunt u met de computer naar updates
van een updateservice zoeken en deze installeren. De agent kan
zonodig automatisch worden bijgewerkt om met de updateservice
te communiceren als Windows naar nieuwe updates zoekt.
System Folders
Path for burning CD C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Microsoft\CD Burning
Application Data C:\Documents and Settings\All Users\Application Data
Public Desktop C:\Documents and Settings\All Users\Bureaublad
Documents C:\Documents and Settings\All Users\Documenten
Global Favorites C:\Documents and Settings\All Users\Favorieten
Music C:\Documents and Settings\All Users\Documenten\Mijn muziek
Pictures C:\Documents and Settings\All Users\Documenten\Mijn afbeeldingen
Start Menu Programs C:\Documents and Settings\All Users\Menu Start\Programma's
Start Menu C:\Documents and Settings\All Users\Menu Start
Startup C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
Templates C:\Documents and Settings\All Users\Sjablonen
Cookies C:\Documents and Settings\Eigenaar\Cookies
Desktop C:\Documents and Settings\Eigenaar\Bureaublad
Physical Desktop C:\Documents and Settings\Eigenaar\Bureaublad
User Favorites C:\Documents and Settings\Eigenaar\Favorieten
Fonts C:\WINDOWS\Fonts
Internet History C:\Documents and Settings\Eigenaar\Local Settings\Geschiedenis
Temporary Internet Files C:\Documents and Settings\Eigenaar\Local Settings\Temporary Internet Files
Local Application Data C:\Documents and Settings\Eigenaar\Local Settings\Application Data
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Program Files C:\Program Files
Services
Running Apple Mobile Device
Running Application Layer Gateway-service
Running Automatic Updates
Running Avira Planner
Running Avira Real-Time Protection
Running Avira Web Protection
Running Bonjour-service
Running COM+-gebeurtenissysteem
Running Compatibiliteit voor Snelle gebruikerswisseling
Running Computer Browser
Running DCOM Server Process Launcher
Running DHCP Client
Running Distributed Link Tracking Client
Running DNS Client
Running Event Log
Running Help en ondersteuning
Running HTTP SSL
Running IPSEC-services
Running Network Connections
Running Network Location Awareness (NLA)
Running Plug and Play
Running Print Spooler
Running Protected Storage
Running RealNetworks Downloader Resolver Service
Running Remote Procedure Call (RPC)
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Server
Running Service voor het rapporteren van fouten
Running Services voor cryptografie
Running Shell Hardware Detection
Running SSDP Discovery-service
Running System Event Notification
Running System Restore-service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Thema's
Running Universele Plug en Play-apparaathost
Running Verbindingsbeheer voor RAS
Running WebClient
Running Windows Audio
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Firewall (WF) / Internet-verbinding delen (ICS)
Running Windows Management Instrumentation
Running Windows Time
Running Wireless Zero Configuration-service
Running Workstation
Stopped .NET Runtime Optimization Service v2.0.50727_X86
Stopped Adobe Flash Player Update Service
Stopped Alerter
Stopped Apparaattoegang via menselijke interface
Stopped Application Management
Stopped ASP.NET-statusservice
Stopped ClipBook
Stopped COM+-systeemtoepassing
Stopped COM-service voor IMAPI cd-branders
Stopped Delen van Extern bureaublad met NetMeeting
Stopped Distributed Transaction Coordinator
Stopped Extensible Authentication Protocol-service
Stopped Google Update-service (gupdate)
Stopped Google Update-service (gupdatem)
Stopped Health Key and Certificate Management-service
Stopped Helpsessiebeheer voor Extern bureaublad
Stopped Indexing-service
Stopped Intelligente achtergrondsoverdrachtservice
Stopped iPod-service
Stopped Logical Disk Manager
Stopped Logical Disk Manager Administrative-service
Stopped Messenger
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Mozilla Maintenance Service
Stopped MS Software Shadow Copy Provider
Stopped MSIServer
Stopped NAP-agent (Network Access Protection)
Stopped Net Logon
Stopped Net.Tcp Port Sharing Service
Stopped Network DDE
Stopped Network DDE DSDM
Stopped Network Provisioning Service
Stopped NT LM Security Support Provider
Stopped Performance Logs and Alerts
Stopped Portable Media Serial Number Service
Stopped QoS RSVP
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Routing and Remote Access
Stopped SiSoftware Deployment Agent Service
Stopped Skype Updater
Stopped Smart Card
Stopped Uninterruptible Power Supply
Stopped Verwisselbare opslag
Stopped Volume Shadow Copy
Stopped Windows CardSpace
Stopped Windows Image Acquisition (WIA)
Stopped Windows Media Player Network Sharing-service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Wired AutoConfig
Stopped WMI-prestatieadapter
Security Options
@wsecedit.dll,-432 Enabled
@wsecedit.dll,-433 Disabled
@wsecedit.dll,-63 Disabled
@wsecedit.dll,-65 Administrator
@wsecedit.dll,-67 Gast
Accounts: gebruik van lege wachtwoorden beperken tot aanmelden op de console Enabled
Afsluiten: systeem kan zonder aanmelding worden afgesloten Enabled
Afsluiten: wisselbestand voor virtueel geheugen wissen Disabled
Apparaten: cd-rom-toegang beperken tot lokaal aangemelde gebruikers Disabled
Apparaten: diskettetoegang beperken tot lokaal aangemelde gebruikers Disabled
Apparaten: gebruikers mogen geen printerstuurprogramma's installeren Disabled
Apparaten: gedrag bij installatie van niet-ondertekend stuurprogramma Zonder bericht voltooien
Apparaten: Loskoppelen toestaan zonder dat opnieuw hoeft te worden aangemeld Enabled
Controle: de toegang tot globale systeemobjecten controleren Disabled
Controle: het gebruik van de bevoegdheden Back-up en Terugzetten controleren Disabled
Controle: systeem onmiddellijk afsluiten als beveiligingscontroles niet in logboek kunnen worden opgeslagen Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Undefined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Undefined
Domaincontroller: wachtwoord veranderen voor machineaccounts weigeren Undefined
Domeincontroller: serveroperators kunnen taken plannen Undefined
Domeincontroller: vereisten voor handtekening van LDAP-server Undefined
Herstelconsole: automatische aanmelding door beheerder toestaan Disabled
Herstelconsole: kopiŰren vanaf diskette en toegang tot alle stations en mappen toestaan Disabled
Interactief aanmelden: aantal te cachen voorafgaande aanmeldingen (als domeincontroller niet beschikbaar is) 10 aanmeldingen
Interactief aanmelden: berichttekst voor gebruikers die zich willen aanmelden
Interactief aanmelden: berichttitel voor gebruikers die zich willen aanmelden
Interactief aanmelden: CTRL+ALT+DEL voor aanmelden uitschakelen Undefined
Interactief aanmelden: gebruiker vragen om het wachtwoord te wijzigen voordat het verloopt 14 dagen
Interactief aanmelden: gebruikersgegevens weergeven wanneer de sessie vergrendeld is Undefined
Interactief aanmelden: gedrag bij verwijderen van smartcard Geen actie
Interactief aanmelden: laatste gebruikersnaam niet in aanmeldingsvenster weergeven Disabled
Interactief aanmelden: smartcard is vereist Undefined
Interactief aanmelden: voor het ontgrendelen van het werkstation is verificatie door een domeincontroller vereist Disabled
Lid van domein: geen systeemonderhoud van wachtwoord van computeraccount Disabled
Lid van domein: gegevens in beveiligd kanaal digitaal coderen (indien mogelijk) Enabled
Lid van domein: gegevens in beveiligd kanaal digitaal coderen of ondertekenen (altijd) Enabled
Lid van domein: gegevens in beveiligd kanaal digitaal ondertekenen (indien mogelijk) Enabled
Lid van domein: het wachtwoord van het machineaccount heeft de maximale leeftijd bereikt 30 dagen
Lid van domein: sterke sessiesleutel verplicht (Windows 2000 of hoger) Disabled
Microsoft netwerkclient: clientcommunicatie digitaal ondertekenen (altijd) Disabled
Microsoft netwerkclient: niet-gecodeerd wachtwoord verzenden om verbinding te kunnen maken met niet-Microsoft SMB-servers Disabled
Microsoft netwerkclient: servercommunicatie digitaal ondertekenen (altijd) Disabled
Microsoft netwerkclient: servercommunicatie digitaal ondertekenen (indien mogelijk) Disabled
Microsoft netwerkserver: gebruikers automatisch afmelden als aanmeldingstijd verstrijkt (lokaal) Enabled
Microsoft netwerkserver: tijd niet-actief voordat de sessie wordt verbroken 15 minuten
Microsoft networkclient: clientcommunicatie digitaal ondertekenen (indien mogelijk) Enabled
Netwerkbeveiliging: LAN Manager-verificatieniveau &LM- en NTLM-antwoorden verzenden
Netwerkbeveiliging: minimale sessiebeveiliging voor op NTLM SSP-gebaseerde (inclusief beveiligde RPC) clients No minimum
Netwerkbeveiliging: minimale sessiebeveiliging voor op NTLM SSP-gebaseerde (inclusief beveiligde RPC) clients No minimum
Netwerktoegang: geen anonieme inventarisatie van SAM-accounts toestaan Disabled
Netwerktoegang: geen anonieme inventarisatie van SAM-accounts toestaan Enabled
Netwerktoegang: LAN Manager hashwaarde niet bewaren bij de volgende keer wachtwoord veranderen Disabled
Netwerktoegang: model voor delen en beveiliging voor lokale accounts Alleen Gast-account - lokale gebruikers verifiŰren als Gast
Netwerktoegang: Named Pipes waarvoor anoniem toegang kan worden verkregen COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,browser
Netwerktoegang: opslag van referenties of .NET Passports voor netwerkverificatie niet toestaan. Disabled
Netwerktoegang: registerpaden die op afstand toegankelijk zijn System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Control\Server Applications,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
Netwerktoegang: shares die anoniem kunnen worden gebruikt COMCFG,DFS$
Networkbeveiliging: vereisten voor handtekening van LDAP-client Onderhandelen over handtekening
Networktoegang: de permissies voor Iedereen toepassen op anonieme gebruikers Disabled
Systeemcryptographie: gebruik FIPS-compliant algorithmes voor codering, hashing en ondertekening Disabled
Systeemobjecten: de standaardeigenaar van objecten wordt gemaakt door leden van de groep Administrators Maker van het object
Systeemobjecten: negeren van hoofd- en kleine letters is vereist voor niet-Windows onderliggende systemen. Enabled
Systeemobjecten: standaardmachtigingen versterken van globale systeemobjecten (b.v. symbolische koppelingen) Enabled
Verwisselbare media mogen worden geformatteerd en uitgeworpen Administrators

  • 0

#5
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Device Tree
ACPI Uniprocessor-pc
Systeem dat voldoet aan Microsoft ACPI
Intel Celeron CPU 2.70GHz
ACPI-aan/uit-knop
Systeemkaart
Intel 82802 Firmware Hub Device
ACPI-ventilator
ACPI-thermale zone
ACPI-vaste-functieknop
PCI-bus
Intel 82845G/GL/GE/PE/GV Processor to I/O Controller - 2560
Intel 82801DB/DBM SMBus Controller - 24C3
SigmaTel C-Major Audio
Moederbordbronnen
Moederbordbronnen
Programmeerbare interruptcontroller
Controller voor directe geheugentoegang
Systeemtimer
Systeem-CMOS/Real-timeklok
Systeemluidspreker
Numerieke-gegevensprocessor
Communicatiepoort (COM1)
PS/2-compatibele muis
Standaardtoetsenbord (101/102 toetsen) of Microsoft Natural PS/2-toetsenbord
Intel® 82845G/GL/GE/PE/GV Graphics Controller
Intel Graphics Chipset (KCH) Driver
Intel Graphics Platform (SoftBIOS) Driver
Standaardbeeldscherm
Intel® 82801DB/DBM USB Universal Host Controller - 24C2
USB-hoofdhub
Intel® 82801DB/DBM USB Universal Host Controller - 24C4
USB-hoofdhub
Intel® 82801DB/DBM USB 2.0 Enhanced Host Controller - 24CD
USB-hoofdhub
Intel® 82801DB PCI Bridge - 244E
Intel PRO/100 VE Network Connection
Intel® 82801DB LPC Interface Controller - 24C0
ISAPNP Read Data-poort
Intel® 82801DB Ultra ATA Storage Controller - 24CB
Primair IDE-kanaal
Maxtor 6E040L0
Maxtor 6E040L0
Secundair IDE-kanaal
HL-DT-ST CD-ROM GCR-8482B
Standaarddiskettestationcontroller
Diskettestation
Printerpoort (LPT1)
Printer Poort logische interface
CPU
Intel Celeron
Cores 1
Threads 1
Name Intel Celeron
Code Name Northwood
Package Socket 478 mPGA
Technology 0.13um
Specification Intel Celeron CPU 2.70GHz
Family F
Extended Family F
Model 2
Extended Model 2
Stepping 9
Revision D1
Instructions MMX, SSE, SSE2
Virtualization Not supported
Hyperthreading Not supported
Fan Speed 1854 RPM
Bus Speed 99,6 MHz
Rated Bus Speed 398,5 MHz
Stock Core Speed 2700 MHz
Stock Bus Speed 100 MHz
Caches
L1 Data Cache Size 8 KBytes
L1 trace cache 12 KÁops
L2 Unified Cache Size 128 KBytes
Core 0
Core Speed 2690,1 MHz
Multiplier x 27,0
Bus Speed 99,6 MHz
Rated Bus Speed 398,5 MHz
Thread 1
APIC ID 0
RAM
Memory slots
Total memory slots 1
Used memory slots 2
Free memory slots 4294967295
Memory
Type DDR
Size 512 MBytes
DRAM Frequency 132,8 MHz
CAS# Latency (CL) 2.5 clocks
RAS# to CAS# Delay (tRCD) 3 clocks
RAS# Precharge (tRP) 3 clocks
Cycle Time (tRAS) 6 clocks
Physical Memory
Memory Usage 35 %
Total Physical 503 MB
Available Physical 323 MB
Total Virtual 1,20 GB
Available Virtual 716 MB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR
Size 256 MBytes
Manufacturer Micron Technology
Max Bandwidth PC2100 (133 MHz)
Part Number 8VDDT3264AG-265CA
Serial Number 1E1CD983
Week/year 33 / 03
SPD Ext. EPP
JEDEC #2
Frequency 133,3 MHz
CAS# Latency 2,5
RAS# To CAS# 3
RAS# Precharge 3
tRAS 6
Voltage 2,500 V
JEDEC #1
Frequency 100,0 MHz
CAS# Latency 2,0
RAS# To CAS# 2
RAS# Precharge 2
tRAS 5
Voltage 2,500 V
Slot #2
Type DDR
Size 256 MBytes
Manufacturer Micron Technology
Max Bandwidth PC2100 (133 MHz)
Part Number 8VDDT3264AG-265CA
Serial Number 1E1CDA49
Week/year 33 / 03
SPD Ext. EPP
JEDEC #2
Frequency 133,3 MHz
CAS# Latency 2,5
RAS# To CAS# 3
RAS# Precharge 3
tRAS 6
Voltage 2,500 V
JEDEC #1
Frequency 100,0 MHz
CAS# Latency 2,0
RAS# To CAS# 2
RAS# Precharge 2
tRAS 5
Voltage 2,500 V
Motherboard
Manufacturer NEC
Model N4-IBFGL (SOCKET 478 M/B)
Version POWERMATE-VL4
Chipset Vendor Intel
Chipset Model i845G
Chipset Revision B1
Southbridge Vendor Intel
Southbridge Model 82801DB (ICH4)
Southbridge Revision 02
System Temperature 27 ░C
BIOS
Brand Phoenix Technologies, LTD
Version /243A0503
Date 7-6-2004
Voltage
CPU VCore 1,520 V
AUX 1,504 V
+3.3V 3,392 V
+5V 5,161 V
+12V 12,586 V
-12V (11,787) V
-5V 3,550 V
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI 1
Characteristics 5V, 3.3V, PME, SMBus
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI 2
Characteristics 5V, 3.3V, PME, SMBus
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI 3
Characteristics 5V, 3.3V, PME, SMBus
Slot Number 2
Slot Other
Slot Type Other
Slot Usage Available
Bus Width Other
Slot Designation CNR 1
Characteristics 5V, 3.3V, Shared
Slot Number 3
Graphics
Monitor
Name Standaardbeeldscherm on Intel 82845G/GL/GE/PE/GV Graphics Controller
Current Resolution 1024x768 pixels
Work Resolution 1024x738 pixels
State Enabled, Primary
Monitor Width 1024
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Intel 82845G/GL/GE/PE/GV Graphics Controller
Manufacturer Intel
Model 82845G/GL/GE/PE/GV Graphics Controller
Device ID 8086-2562
Revision 4
Subvendor Packard Bell B.V. (1631)
Current Performance Level Level 0
Driver version 6.13.1.3413
Count of performance levels : 1
Level 1
Hard Drives
Maxtor 6E040L0
Manufacturer Maxtor
Heads 16
Cylinders 16.383
Device type Fixed
ATA Standard ATA/ATAPI-7
Serial Number E1RG14FE
LBA Size 28bit LBA
Power On Count 1999 times
Power On Time 855,2 days
Features S.M.A.R.T., APM, AAM
Transfer Mode Ultra DMA/133
Interface ATA
Capacity 38,3 GB
Real size 41.109.061.120 bytes
RAID Type None
S.M.A.R.T
Status Warning
Temperature 41 ░C
Temperature Range OK (less than 50 ░C)
03 Spin-Up Time 219 (219) Data 0000002BD6
04 Start/Stop Count 253 (253) Data 000000078B
05 Reallocated Sectors Count 239 (239) Data 000000004A
06 Read Channel Margin 253 (253) Data 0000000000
07 Seek Error Rate 253 (252) Data 0000000000
08 Seek Time Performance 248 (241) Data 0000008FF3
09 Power-On Hours (POH) 240 (240) Data 000000502C
0A Spin Retry Count 253 (251) Data 0000000000
0B Recalibration Retries 253 (252) Data 0000000000
0C Device Power Cycle Count 248 (248) Data 00000007CF
C0 Power-off Retract Count 252 (252) Data 0000000729
C1 Load/Unload Cycle Count 252 (252) Data 00000015A3
C2 Temperature 253 (253) Data 000000002A
C3 Hardware ECC Recovered 253 (252) Data 000000174A
C4 Reallocation Event Count 252 (252) Data 0000000001
C5 Current Pending Sector Count 253 (253) Data 0000000000
C6 Uncorrectable Sector Count 253 (253) Data 0000000000
C7 UltraDMA CRC Error Count 184 (127) Data 0000000048
C8 Write Error Rate / Multi-Zone Error Rate 253 (252) Data 0000000000
C9 Soft Read Error Rate 253 (252) Data 0000000000
CA Data Address Mark errors 253 (252) Data 0000000000
CB Run Out Cancel 253 (252) Data 0000000000
CC Soft ECC Correction 253 (252) Data 0000000000
CD Thermal Asperity Rate (TAR) 253 (252) Data 0000000000
CF Spin High Current 253 (251) Data 0000000000
D0 Spin Buzz 253 (252) Data 0000000000
D1 Offline Seek Performance 186 (185) Data 0000000000
63 Average Flying Height control 253 (253) Data 0000000000
64 Erase/Program Cycles 253 (253) Data 0000000000
65 Maximum Flying Height control 253 (253) Data 0000000000
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter C:
File System NTFS
Volume Serial Number 3C7E2BFE
Size 38,3 GB
Used Space 24,2 GB (64%)
Free Space 14,1 GB (36%)
Maxtor 6E040L0
Manufacturer Maxtor
Heads 16
Cylinders 16.383
Device type Fixed
ATA Standard ATA/ATAPI-7
Serial Number E1QFDL7E
LBA Size 28bit LBA
Power On Count 2188 times
Power On Time 395,2 days
Features S.M.A.R.T., APM, AAM
Transfer Mode Ultra DMA/133
Interface ATA
Capacity 38,3 GB
Real size 41.109.061.120 bytes
RAID Type None
S.M.A.R.T
Status Warning
Temperature 39 ░C
Temperature Range OK (less than 50 ░C)
03 Spin-Up Time 220 (220) Data 0000003245
04 Start/Stop Count 253 (253) Data 0000000702
05 Reallocated Sectors Count 240 (240) Data 0000000046
06 Read Channel Margin 253 (253) Data 0000000000
07 Seek Error Rate 253 (252) Data 0000000000
08 Seek Time Performance 253 (243) Data 000000F9C6
09 Power-On Hours (POH) 234 (234) Data 000000250D
0A Spin Retry Count 253 (252) Data 0000000000
0B Recalibration Retries 253 (252) Data 0000000000
0C Device Power Cycle Count 248 (248) Data 000000088C
C0 Power-off Retract Count 252 (252) Data 00000006CF
C1 Load/Unload Cycle Count 253 (253) Data 0000000BC2
C2 Temperature 253 (253) Data 000000002A
C3 Hardware ECC Recovered 253 (249) Data 0000008EB7
C4 Reallocation Event Count 245 (245) Data 0000000008
C5 Current Pending Sector Count 253 (251) Data 0000000000
C6 Uncorrectable Sector Count 246 (246) Data 0000000007
C7 UltraDMA CRC Error Count 193 (155) Data 000000002C
C8 Write Error Rate / Multi-Zone Error Rate 253 (252) Data 0000000000
C9 Soft Read Error Rate 253 (252) Data 0000000000
CA Data Address Mark errors 253 (182) Data 0000000000
CB Run Out Cancel 253 (252) Data 0000000003
CC Soft ECC Correction 253 (250) Data 0000000000
CD Thermal Asperity Rate (TAR) 253 (252) Data 0000000000
CF Spin High Current 253 (252) Data 0000000000
D0 Spin Buzz 253 (252) Data 0000000000
D1 Offline Seek Performance 188 (184) Data 0000000000
63 Average Flying Height control 253 (253) Data 0000000000
64 Erase/Program Cycles 253 (253) Data 0000000000
65 Maximum Flying Height control 253 (253) Data 0000000000
Partition 0
Partition ID Disk #1, Partition #0
Disk Letter D:
File System NTFS
Volume Serial Number 549F316F
Size 38,3 GB
Used Space 100 MB (1%)
Free Space 38,2 GB (99%)
Optical Drives
HL-DT-ST CD-ROM GCR-8482B
Media Type CD Reader
Name HL-DT-ST CD-ROM GCR-8482B
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
Audio
Sound Card
SigmaTel C-Major Audio
Playback Device
SigmaTel Audio
Recording Device
SigmaTel Audio
Peripherals
Standaardtoetsenbord (101/102 toetsen) of Microsoft Natural PS/2-toetsenbord
Device Kind Keyboard
Device Name Standaardtoetsenbord (101/102 toetsen) of Microsoft Natural PS/2-toetsenbord
Vendor (standaardtoetsenbord)
Location Op toetsenbordpoort aangesloten
Driver
Date 7-1-2001
Version 5.1.2600.5512
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
PS/2-compatibele muis
Device Kind Mouse
Device Name PS/2-compatibele muis
Vendor Microsoft
Location Aangesloten op de PS/2-muispoort
Driver
Date 7-1-2001
Version 5.1.2600.0
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Printers
Foxit Reader PDF Printer
Printer Port FOXIT_Reader:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Foxit Reader PDF Printer Driver (v4.01)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\frdvpr_drv.dll
Microsoft XPS Document Writer (Default Printer)
Printer Port XPSPort:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Intel PRO/100 VE Network Connection - Pakketplanner-minipoort
IP Address 192.168.23.103
Subnet mask 255.255.255.0
Gateway server 192.168.23.1
Preferred DNS server 192.168.23.1
DHCP Enabled
DHCP server 192.168.23.1
External IP Address 82.171.58.11
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Unknown node type
Link Speed 0 Bps
Computer Name
NetBIOS Name EIGENAAR-PC
DNS Name eigenaar-pc
Membership Part of workgroup
Workgroup MSHOME
Remote Desktop
Disabled
Console
State Active
Domain EIGENAAR-PC
WinInet Info
LAN-verbinding
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60.000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30.000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Netwerktoegang: model voor delen en beveiliging voor lokale accounts Alleen Gast-account - lokale gebruikers verifiŰren als Gast
Adapters List
Intel® PRO/100 VE Network Connection - Pakketplanner-minipoort
IP Address 192.168.23.103
Subnet mask 255.255.255.0
Gateway server 192.168.23.1
MAC Address 00-0D-87-F2-D5-AE
Network Shares
No network shares
Current TCP Connections
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (2780)
Local 0.0.0.0:44080 LISTEN
Local 0.0.0.0:44081 LISTEN
C:\Program Files\Bonjour\mDNSResponder.exe (1688)
Local 127.0.0.1:5354 LISTEN
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:1028 (Querying... )
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:1029 (Querying... )
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1664)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:1028 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
Local 127.0.0.1:1029 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (400)
Local 192.168.23.103:1039 CLOSE-WAIT Remote 174.35.64.26:80 (Querying... ) (HTTP)
C:\WINDOWS\system32\svchost.exe (1344)
Local 0.0.0.0:2869 LISTEN
svchost.exe (924)
Local 0.0.0.0:135 (DCE) LISTEN
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.23.103:139 (NetBIOS session service) LISTEN
Generated with Speccy v1.23.569



OTL logfile created on: 16-10-2013 17:36:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eigenaar\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

503,48 Mb Total Physical Memory | 320,89 Mb Available Physical Memory | 63,73% Memory free
1,20 Gb Paging File | 0,72 Gb Available in Paging File | 60,21% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,28 Gb Total Space | 14,06 Gb Free Space | 36,73% Space Free | Partition Type: NTFS
Drive D: | 38,28 Gb Total Space | 38,18 Gb Free Space | 99,74% Space Free | Partition Type: NTFS

Computer Name: EIGENAAR-PC | User Name: Eigenaar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-10-16 15:44:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
PRC - [2013-10-13 13:03:52 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013-09-19 18:50:02 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013-09-19 15:14:24 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013-09-19 15:14:07 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013-09-19 15:14:06 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013-09-19 15:14:02 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013-09-19 15:14:01 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013-08-22 06:39:36 | 000,084,576 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2013-08-14 15:19:56 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013-04-23 13:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013-04-23 13:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012-02-15 17:06:07 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013-10-13 13:07:13 | 000,115,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\a632a6ee2d0c2fa63dee385bb7a25f64\DeviceStoryAlbum.ni.dll
MOD - [2013-10-13 13:07:11 | 000,610,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\4526c5f66f4d58cba3b8f6e8b3483c68\DevicePodcast.ni.dll
MOD - [2013-10-13 13:07:08 | 000,295,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\c7a355ff12bdc431ceb4c39e608a25dd\DeviceVideo.ni.dll
MOD - [2013-10-13 13:07:05 | 000,351,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\d4322605567d0ef641d74421a2dc03cb\DevicePhoto.ni.dll
MOD - [2013-10-13 13:07:03 | 000,304,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceMusic\ec2aeec61b291557a7f4323fc14cf1cf\DeviceMusic.ni.dll
MOD - [2013-10-13 13:07:01 | 000,469,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\VideoManager\fef9e0bdc4b01d2470315c86e4d40a3b\VideoManager.ni.dll
MOD - [2013-10-13 13:06:57 | 000,777,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PhotoManager\312a0f8f8fe6c44fbb6f7d3c2a6557f7\PhotoManager.ni.dll
MOD - [2013-10-13 13:06:53 | 001,983,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Phonebook\4a5fb68238e344209d8a0217bd40ba3c\Phonebook.ni.dll
MOD - [2013-10-13 13:06:44 | 000,203,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\e1a87c286c4d99a53c257e35741a688c\StoryAlbumManager.ni.dll
MOD - [2013-10-13 13:06:42 | 000,940,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MusicManager\51c1f02c4240f88e79c131b92c3df2be\MusicManager.ni.dll
MOD - [2013-10-13 13:06:37 | 000,404,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BATPlugin\d4bb8b896d76bf17f292c605335c443e\BATPlugin.ni.dll
MOD - [2013-10-13 13:06:25 | 000,534,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\e81c5fdd0458721e7e60dbe6466f2e55\Kies.Common.MediaDB.ni.dll
MOD - [2013-10-13 13:06:22 | 000,063,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\f689e9242f93f3135698ce84fb9c1b4d\Kies.Common.AllShare.ni.dll
MOD - [2013-10-13 13:06:21 | 000,066,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\943fa57ac751efce3d5155dc0447e2d7\Kies.Common.DBManager.ni.dll
MOD - [2013-10-13 13:06:19 | 001,141,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Podcaster\5e0135eaded46791a24d1631def268e4\Podcaster.ni.dll
MOD - [2013-10-13 13:06:14 | 000,283,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\23d7e3863f30312c864562eac90c2a8b\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013-10-13 13:06:12 | 000,580,096 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2393f816a9726a97672c9132b70d5090\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013-10-13 13:06:09 | 001,205,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bb3d1a08c445d38d97a9074c0a97fd4d\Kies.Common.DeviceService.ni.dll
MOD - [2013-10-13 13:06:03 | 000,995,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\3e604491264f523924f0089a87190472\DeviceCommonLib.ni.dll
MOD - [2013-10-13 13:05:58 | 000,743,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\deb26ac455c68a38a6887e65d6fa7ec9\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013-10-13 13:05:54 | 000,201,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\339553a6d31ea06708f46a95509459cf\Kies.Common.MainUI.ni.dll
MOD - [2013-10-13 13:05:30 | 000,927,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\90769b2989785042f42c58da8125653a\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013-10-13 13:05:19 | 002,202,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\69bc55613395a04121b0f8de5624b585\Kies.Common.Multimedia.ni.dll
MOD - [2013-10-13 13:05:11 | 000,638,976 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\b0071a5f8af6c00d98e0b1cd6963e057\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013-10-13 13:04:52 | 007,027,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceHost\5bbb0dcbc6f994227394a2ddb0ff6c79\DeviceHost.ni.dll
MOD - [2013-10-13 13:04:21 | 000,282,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\051bbc053f10717a6772c1f1a953cf02\Kies.Common.Util.ni.dll
MOD - [2013-10-13 13:04:14 | 001,892,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\2e5b40e22d54b43afc114be55e432841\Kies.UI.ni.dll
MOD - [2013-10-13 13:04:02 | 000,154,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\cfab2e070c415fa349141897f075fb7d\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013-10-13 13:03:58 | 001,273,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Interface\dfe85b87684e535992467c9a26d1bf91\Kies.Interface.ni.dll
MOD - [2013-10-13 13:02:24 | 002,171,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies\fb7da9c93b51b737375aeb2bffdd59fe\Kies.ni.exe
MOD - [2013-10-11 12:25:13 | 018,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013-10-11 12:23:54 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013-10-11 12:22:53 | 003,858,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013-10-11 12:21:54 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013-10-11 12:21:36 | 007,070,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013-09-25 09:38:04 | 017,554,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\e4751f9b36b2c6508c16b10ce5320e22\Kies.Theme.ni.dll
MOD - [2013-09-25 09:38:01 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\2b32fa32c886281edf5660ded3a3ca3c\DummyStorePlugin.ni.dll
MOD - [2013-09-24 14:47:52 | 000,029,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9874d45458a36056c54a0bf82326a62\Kies.Common.StoreManager.ni.dll
MOD - [2013-09-24 14:47:43 | 000,232,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6c2268d21092027249488bb1b5b0b75f\ASF_cSharpAPI.ni.dll
MOD - [2013-09-24 14:47:30 | 000,109,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\d7401875953f4a9073354d6f675bf9bc\Kies.Common.CRMManager.ni.dll
MOD - [2013-09-24 14:47:16 | 000,043,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\f7bd2f216e228003483586f88738ea13\Interop.FUSCryptLib.ni.dll
MOD - [2013-09-24 14:46:59 | 000,189,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\fa231f175f9469261bba3f7a83f791c0\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013-09-24 14:46:54 | 000,175,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\454db849dfc8d375153b9a20d37199f9\Interop.DevFileServiceLib.ni.dll
MOD - [2013-09-24 14:44:38 | 000,045,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a6e94a63e686f47fb77e19d97d5f2045\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013-09-24 14:44:29 | 000,080,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ZipStore\3a2ea444aa16a449759bd64ef15ee047\ZipStore.ni.dll
MOD - [2013-09-24 14:44:28 | 000,032,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\1bacad5614827f888c2c488e0fdb2625\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013-09-24 14:44:27 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\b4494a60ab409d1faffed1dc6e083f61\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013-09-24 14:44:26 | 000,171,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\222d144071a97633b9750cccffaecb8a\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013-09-24 14:44:26 | 000,030,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\698237a4d8cdffc93832a0b95dfc002e\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013-09-24 14:44:07 | 000,018,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\c03cbfdf1c9ffdc70c54318f2b05c239\Interop.DeviceServiceModelDBLib.ni.dll
MOD - [2013-09-24 14:44:04 | 000,187,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1921c5cb9941147f2954c22668bd2c81\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013-09-24 14:42:22 | 000,395,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CabLib\6a94081144d30902c2b577b86b60a372\CabLib.ni.dll
MOD - [2013-09-24 14:42:18 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\3086d141c6ce19b137f2b32ffc4dc2fa\Interop.DeviceSearchLib.ni.dll
MOD - [2013-09-24 14:42:17 | 001,644,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Locale\55d9ef4648cf7bf52dbb5c1133c6905e\Kies.Locale.ni.dll
MOD - [2013-09-24 14:42:15 | 000,079,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\8a7f8d009ea559fc9f3e864e013205c8\Kies.MVVM.ni.dll
MOD - [2013-09-24 14:38:50 | 000,770,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ab934d739a0906bec56492882d935e57\System.Runtime.Remoting.ni.dll
MOD - [2013-09-19 18:37:01 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013-09-19 18:12:18 | 001,801,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013-09-19 15:50:10 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013-09-19 15:49:19 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013-07-10 00:48:18 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013-04-21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013-04-21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013-03-24 13:17:17 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-10-10 15:57:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-10-10 10:34:45 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-09-19 15:14:24 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013-09-19 15:14:07 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013-09-19 15:14:02 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013-09-05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2008-10-02 11:22:20 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe -- (SandraAgentSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Eigenaar\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2013-09-19 15:14:33 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013-09-19 15:14:33 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013-06-24 09:53:59 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-06-21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-03-24 13:17:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011-06-02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009-08-07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2002-07-07 13:53:32 | 000,296,179 | ---- | M] (SigmaTel Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97na.sys -- (STAC97NA)
DRV - [2002-07-07 13:52:46 | 000,231,983 | ---- | M] (SigmaTel Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97nh.sys -- (STAC97NH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 1D 78 FF 7D 95 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{B16C97B2-33E0-42CA-96F9-E7A70567AA27}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\CEB4644C31D947E0B8F1DB4980F8D9D4: "URL" = http://websearch.ask...1E-B2E6F28D5F18
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Wikipedia (nl)"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (nl)"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130924
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-09-19 18:53:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-09-19 18:50:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2013-03-24 17:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Extensions
[2013-10-16 16:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions
[2013-10-13 14:40:47 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013-09-19 17:01:48 | 000,128,676 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\[email protected]
[2013-09-19 17:01:48 | 001,314,979 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\[email protected]
[2013-10-13 13:51:12 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-03-24 17:56:32 | 000,138,614 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013-09-19 16:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-09-19 17:00:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-09-19 18:53:37 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013-09-19 18:50:25 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...=UP97DF&PC=UP97,
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Google Documenten = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: Adblock Pro = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1364126438671 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.23.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBBB6759-C7E8-4871-BD0D-F6CF94A8EA25}: DhcpNameServer = 192.168.23.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Ierland.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Ierland.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-09-18 10:23:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {168F8BAC-A269-48E9-BB7A-A51B594CF6FF} - .NET Framework
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamische HTML met gegevensbinding voor Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Geavanceerd bewerken
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A1027CE-83F6-3CB2-B9BA-9DA38D0907D0} - .NET Framework
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0} - Microsoft .NET Framework 1.1 Security Update (KB2833941)
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taakplanner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013-10-16 17:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Speccy
[2013-10-16 17:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013-10-16 16:36:39 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4b-aswmbr.exe
[2013-10-16 16:19:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013-10-16 15:57:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013-10-16 15:46:48 | 001,087,213 | ---- | C] (Farbar) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-7-FRST.exe
[2013-10-16 15:44:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
[2013-10-16 15:40:00 | 005,552,488 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-5-spsetup123.exe
[2013-10-16 15:35:17 | 002,659,680 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4-aswmbr.exe
[2013-10-16 15:30:51 | 001,033,335 | ---- | C] (Thisisu) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-3-JRT.exe
[2013-10-13 17:36:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
[2013-10-13 14:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Revo Uninstaller
[2013-10-13 14:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013-10-13 14:51:29 | 002,623,656 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
[2013-10-13 13:51:13 | 022,143,816 | ---- | C] (Mozilla) -- C:\Documents and Settings\Eigenaar\Bureaublad\Thunderbird Setup 24.0.1.exe
[2013-10-13 12:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013-10-11 10:00:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013-10-11 10:00:10 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013-10-11 09:56:41 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013-10-11 09:56:37 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2013-10-06 14:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Foxit Reader
[2013-10-06 13:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\iTunes
[2013-10-06 13:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013-10-06 13:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013-10-06 13:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013-09-24 14:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenten\NativeFus_Log
[2013-09-24 14:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenten\CrashDump
[2013-09-24 14:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Samsung
[2013-09-24 14:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Application Data\Samsung
[2013-09-24 14:33:13 | 000,000,000 | ---D | C] -- D:\Gebruikers\Eigenaar\Mijn Documenten\samsung
[2013-09-24 14:31:27 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudserd.sys
[2013-09-24 14:31:24 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudmdm.sys
[2013-09-24 14:31:21 | 000,084,248 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2013-09-24 14:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Samsung
[2013-09-24 14:25:40 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2013-09-24 14:24:57 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2013-09-24 14:24:57 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DIFxAPI.dll
[2013-09-24 14:24:57 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2013-09-24 14:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2013-09-24 14:23:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013-09-24 14:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Downloaded Installations
[2013-09-24 13:41:27 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013-09-19 18:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Application Data\RealNetworks
[2013-09-19 18:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013-09-19 18:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013-09-19 18:51:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013-09-19 16:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-10-16 17:45:00 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D00FDB6F-8963-405A-804E-BB510CC46110}.job
[2013-10-16 17:34:08 | 000,000,550 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Snelkoppeling naar aReebok Maintenance.lnk
[2013-10-16 17:33:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-10-16 17:09:05 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-10-16 16:37:53 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4b-aswmbr.exe
[2013-10-16 16:17:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
[2013-10-16 16:17:02 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
[2013-10-16 16:10:48 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-10-16 16:10:44 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-10-16 16:10:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-10-16 15:46:49 | 001,087,213 | ---- | M] (Farbar) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-7-FRST.exe
[2013-10-16 15:44:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
[2013-10-16 15:40:04 | 005,552,488 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-5-spsetup123.exe
[2013-10-16 15:35:18 | 002,659,680 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4-aswmbr.exe
[2013-10-16 15:30:52 | 001,033,335 | ---- | M] (Thisisu) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-3-JRT.exe
[2013-10-16 15:28:37 | 001,048,960 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-2-AdwCleaner.exe
[2013-10-13 17:36:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
[2013-10-13 14:52:04 | 000,000,924 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
[2013-10-13 14:51:25 | 002,623,656 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
[2013-10-13 14:27:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013-10-13 13:53:46 | 000,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
[2013-10-13 13:51:43 | 022,143,816 | ---- | M] (Mozilla) -- C:\Documents and Settings\Eigenaar\Bureaublad\Thunderbird Setup 24.0.1.exe
[2013-10-13 12:30:39 | 000,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-10-11 13:11:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-10-11 13:01:17 | 000,552,774 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2013-10-11 13:01:17 | 000,481,188 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-10-11 13:01:17 | 000,100,822 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2013-10-11 13:01:17 | 000,079,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-10-10 10:34:36 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-10-10 10:34:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-10-06 14:53:53 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
[2013-10-06 13:49:19 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
[2013-09-24 14:34:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013-09-24 14:32:33 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies (Lite).lnk
[2013-09-24 14:32:33 | 000,001,640 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies.lnk
[2013-09-24 14:25:45 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013-09-24 14:25:45 | 000,001,658 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013-09-23 23:55:12 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013-09-23 20:25:15 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013-09-23 20:25:14 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013-09-23 20:25:14 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013-09-23 20:25:14 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013-09-23 20:25:14 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013-09-23 20:25:14 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013-09-23 20:25:14 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013-09-23 20:25:14 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013-09-23 20:25:14 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013-09-23 20:25:14 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013-09-23 20:25:12 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013-09-23 20:25:12 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013-09-23 20:25:12 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013-09-23 20:25:12 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013-09-23 20:25:12 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013-09-23 20:25:12 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013-09-23 20:25:12 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013-09-23 20:25:12 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013-09-23 20:25:12 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013-09-23 20:25:12 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013-09-23 20:25:12 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013-09-23 20:25:12 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013-09-23 20:25:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013-09-23 20:25:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013-09-23 20:25:08 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013-09-23 20:25:08 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013-09-23 20:25:08 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013-09-23 20:25:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2013-09-23 20:25:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2013-09-23 20:07:19 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013-09-19 18:50:52 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013-09-19 18:50:18 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013-09-19 18:50:18 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013-09-19 18:50:09 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013-09-19 18:00:54 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-09-19 15:14:33 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013-09-19 15:14:33 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-10-16 17:34:08 | 000,000,550 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Snelkoppeling naar aReebok Maintenance.lnk
[2013-10-16 15:28:33 | 001,048,960 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-2-AdwCleaner.exe
[2013-10-13 14:52:04 | 000,000,924 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
[2013-10-13 13:53:46 | 000,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
[2013-10-06 14:53:53 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
[2013-10-06 14:53:51 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll
[2013-10-06 13:49:19 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
[2013-09-24 14:48:32 | 000,131,222 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013-09-24 14:32:33 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies (Lite).lnk
[2013-09-24 14:32:33 | 000,001,640 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Samsung Kies.lnk
[2013-09-24 14:25:45 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013-09-24 14:25:45 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013-06-25 11:33:41 | 000,124,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-06-24 13:55:54 | 013,709,312 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Application Data\Sandra.mdb
[2013-04-18 19:07:00 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013-04-18 19:06:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013-04-18 19:06:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013-04-18 19:06:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013-04-18 19:06:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013-03-24 16:06:58 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Local Settings\Application Data\fusioncache.dat
[2012-09-18 12:13:39 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-09-18 11:12:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-09-18 10:31:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-09-18 10:19:50 | 000,021,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-02-15 17:16:19 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

========== ZeroAccess Check ==========

[2013-03-24 15:09:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012-02-15 17:06:50 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2012-02-15 17:06:07 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 23:32:46 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: Maxtor 6E040L0
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: Maxtor 6E040L0
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 38,00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 38,00GB
Starting Offset: 32256
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012-09-18 13:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Adobe
[2013-06-24 13:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Apple Computer
[2013-03-24 13:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Avira
[2013-10-16 15:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\CallingID
[2013-06-25 09:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Foxit Software
[2012-09-18 10:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Identities
[2012-09-20 08:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Macromedia
[2013-06-24 13:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Malwarebytes
[2013-06-24 09:19:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Eigenaar\Application Data\Microsoft
[2013-03-24 17:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla
[2012-09-18 12:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\OpenOffice.org
[2013-09-19 15:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Real
[2013-09-19 18:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\RealNetworks
[2013-09-24 14:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Samsung
[2013-10-06 15:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Skype
[2012-09-18 12:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Sun
[2013-07-09 09:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Thunderbird
[2013-07-23 09:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\Winamp
[2012-09-18 10:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eigenaar\Application Data\WinRAR

< MD5 for: ATAPI.SYS >
[2012-02-15 17:09:19 | 008,677,978 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: CSRSS.EXE >
[2008-04-14 23:32:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=56332B8FB030700E276E0EA5314B1BA6 -- C:\WINDOWS\system32\csrss.exe
[2008-04-14 23:32:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=56332B8FB030700E276E0EA5314B1BA6 -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2012-02-15 17:06:07 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=36F3CC7AE034B88E1770CDA56D082B4F -- C:\WINDOWS\explorer.exe
[2012-02-15 17:06:07 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=36F3CC7AE034B88E1770CDA56D082B4F -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2012-02-15 17:06:38 | 000,247,296 | ---- | M] (Microsoft Corporation) MD5=18740E8EC5BE4B6D66FA0E4CBFD3B9C6 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2012-02-15 17:06:38 | 000,247,296 | ---- | M] (Microsoft Corporation) MD5=18740E8EC5BE4B6D66FA0E4CBFD3B9C6 -- C:\WINDOWS\system32\mswsock.dll

< MD5 for: NWPROVAU.DLL >
[2008-04-14 23:32:36 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=9B4818E388EE441E9E9B0910767C8F14 -- C:\WINDOWS\system32\dllcache\nwprovau.dll
[2008-04-14 23:32:36 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=9B4818E388EE441E9E9B0910767C8F14 -- C:\WINDOWS\system32\nwprovau.dll

< MD5 for: PNRPNSP.DLL >
[2008-04-14 23:32:40 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=235D0662BAACFD093ADCA7866AB22253 -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
[2008-04-14 23:32:40 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=235D0662BAACFD093ADCA7866AB22253 -- C:\WINDOWS\system32\pnrpnsp.dll

< MD5 for: RSVPSP.DLL >
[2008-04-14 23:32:40 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=41284F1A376ABAA7638BA19098B436FA -- C:\WINDOWS\system32\dllcache\rsvpsp.dll
[2008-04-14 23:32:40 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=41284F1A376ABAA7638BA19098B436FA -- C:\WINDOWS\system32\rsvpsp.dll

< MD5 for: SERVICES.EXE >
[2012-02-15 17:06:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=D98A222A707FFE40043E533FE7A6BA24 -- C:\WINDOWS\system32\dllcache\services.exe
[2012-02-15 17:06:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=D98A222A707FFE40043E533FE7A6BA24 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008-04-14 23:33:16 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E410EC73E2BE2A41D923B006F51C8427 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008-04-14 23:33:16 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E410EC73E2BE2A41D923B006F51C8427 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USER32.DLL >
[2008-04-14 23:32:46 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=4CF588D2F2363B73EB4AF57967D46DFF -- C:\WINDOWS\system32\dllcache\user32.dll
[2008-04-14 23:32:46 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=4CF588D2F2363B73EB4AF57967D46DFF -- C:\WINDOWS\system32\user32.dll

< MD5 for: USERINIT.EXE >
[2008-04-14 23:33:18 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6818A533ED3B2FA9936DF3DAF45352DF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008-04-14 23:33:18 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6818A533ED3B2FA9936DF3DAF45352DF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008-04-14 23:33:20 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=1247D4D5444E28519BBE31BE8AB4C029 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 23:33:20 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=1247D4D5444E28519BBE31BE8AB4C029 -- C:\WINDOWS\system32\winlogon.exe
[2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINRNR.DLL >
[2008-04-14 23:32:46 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=4E3657569690067C4D12D135FA93B7E8 -- C:\WINDOWS\system32\dllcache\winrnr.dll
[2008-04-14 23:32:46 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=4E3657569690067C4D12D135FA93B7E8 -- C:\WINDOWS\system32\winrnr.dll

< dir C:\ /S /A:L /C >
De volumenaam van station C is Windows
Het volumenummer is 3C7E-2BFE
Map van C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
11-10-2013 13:59 <KOPPELING> 2.0.0.0__b03f5f7f11d50a3a
0 bestand(en) 0 bytes
Map van C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
11-10-2013 14:00 <KOPPELING> 2.0.0.0__b03f5f7f11d50a3a
0 bestand(en) 0 bytes
Map van C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
11-10-2013 13:01 <KOPPELING> v4.0_4.0.0.0__b03f5f7f11d50a3a
0 bestand(en) 0 bytes
Totaal aantal weergegeven bestanden:
0 bestand(en) 0 bytes
3 map(pen) 15.074.672.640 bytes beschikbaar

< C:\Windows\assembly\tmp\U\*.* /s >

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013-09-19 17:00:27 | 000,873,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013-09-19 17:00:27 | 000,873,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013-09-19 17:00:27 | 000,873,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2013-09-19 17:00:34 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013-09-19 17:00:34 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013-09-19 17:00:34 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013-09-19 17:00:27 | 000,873,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013-09-19 17:00:27 | 000,873,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013-09-19 17:00:27 | 000,873,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2013-09-19 17:00:34 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2013-09-19 17:00:34 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2013-09-19 17:00:34 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013-10-03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013-09-23 20:07:19 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %ProgramFiles%\WINDOWS NT\*.* /s >
[2008-04-14 23:32:56 | 000,545,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\dialer.exe
[2004-08-04 14:00:00 | 000,013,312 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\htrn_jis.dll
[2004-08-04 14:00:00 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\hypertrm.exe
[2012-02-15 17:06:37 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Bureau-accessoires\mswrd6.wpc
[2012-02-15 17:06:38 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Bureau-accessoires\mswrd8.wpc
[2012-02-15 17:07:18 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Bureau-accessoires\wordpad.exe
[2012-02-15 17:07:18 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Bureau-accessoires\write.wpc
[2004-08-04 14:00:00 | 000,003,947 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\FONT.DAT
[2004-08-04 14:00:00 | 000,928,700 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.DAT
[2008-04-14 23:33:12 | 000,282,624 | ---- | M] (Cinematronics) -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.EXE
[2004-08-04 14:00:00 | 000,108,607 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.MID
[2004-08-04 14:00:00 | 000,028,888 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL2.MID
[2004-08-04 14:00:00 | 000,055,490 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND1.WAV
[2004-08-04 14:00:00 | 000,001,226 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND104.WAV
[2004-08-04 14:00:00 | 000,001,968 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND105.WAV
[2004-08-04 14:00:00 | 000,007,754 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND108.WAV
[2004-08-04 14:00:00 | 000,000,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND111.WAV
[2004-08-04 14:00:00 | 000,000,824 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND112.WAV
[2004-08-04 14:00:00 | 000,004,296 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND12.WAV
[2004-08-04 14:00:00 | 000,008,034 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND13.WAV
[2004-08-04 14:00:00 | 000,001,290 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND131.WAV
[2004-08-04 14:00:00 | 000,019,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND136.WAV
[2004-08-04 14:00:00 | 000,003,002 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND14.WAV
[2004-08-04 14:00:00 | 000,001,046 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND16.WAV
[2004-08-04 14:00:00 | 000,002,090 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND17.WAV
[2004-08-04 14:00:00 | 000,003,986 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND18.WAV
[2004-08-04 14:00:00 | 000,027,472 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND181.WAV
[2004-08-04 14:00:00 | 000,005,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND19.WAV
[2004-08-04 14:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND20.WAV
[2004-08-04 14:00:00 | 000,009,194 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND21.WAV
[2004-08-04 14:00:00 | 000,007,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND22.WAV
[2004-08-04 14:00:00 | 000,012,106 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND24.WAV
[2004-08-04 14:00:00 | 000,014,600 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND240.WAV
[2004-08-04 14:00:00 | 000,020,712 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND243.WAV
[2004-08-04 14:00:00 | 000,025,704 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND25.WAV
[2004-08-04 14:00:00 | 000,007,306 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND26.WAV
[2004-08-04 14:00:00 | 000,020,242 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND27.WAV
[2004-08-04 14:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND28.WAV
[2004-08-04 14:00:00 | 000,010,364 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND29.WAV
[2004-08-04 14:00:00 | 000,022,858 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND3.WAV
[2004-08-04 14:00:00 | 000,022,570 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND30.WAV
[2004-08-04 14:00:00 | 000,001,520 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND34.WAV
[2004-08-04 14:00:00 | 000,019,498 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND35.WAV
[2004-08-04 14:00:00 | 000,033,848 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND36.WAV
[2004-08-04 14:00:00 | 000,013,024 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND38.WAV
[2004-08-04 14:00:00 | 000,028,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND39.WAV
[2004-08-04 14:00:00 | 000,016,626 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND4.WAV
[2004-08-04 14:00:00 | 000,029,140 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND42.WAV
[2004-08-04 14:00:00 | 000,022,796 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND43.WAV
[2004-08-04 14:00:00 | 000,009,770 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND45.WAV
[2004-08-04 14:00:00 | 000,001,876 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49.WAV
[2004-08-04 14:00:00 | 000,003,330 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49D.WAV
[2004-08-04 14:00:00 | 000,003,180 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND5.WAV
[2004-08-04 14:00:00 | 000,012,074 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND50.WAV
[2004-08-04 14:00:00 | 000,008,932 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND528.WAV
[2004-08-04 14:00:00 | 000,009,022 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND53.WAV
[2004-08-04 14:00:00 | 000,018,250 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND54.WAV
[2004-08-04 14:00:00 | 000,021,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND55.WAV
[2004-08-04 14:00:00 | 000,029,004 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND560.WAV
[2004-08-04 14:00:00 | 000,024,192 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND563.WAV
[2004-08-04 14:00:00 | 000,030,502 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND57.WAV
[2004-08-04 14:00:00 | 000,003,408 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND58.WAV
[2004-08-04 14:00:00 | 000,004,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND6.WAV
[2004-08-04 14:00:00 | 000,017,676 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND65.WAV
[2004-08-04 14:00:00 | 000,032,402 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND68.WAV
[2004-08-04 14:00:00 | 000,026,442 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND7.WAV
[2004-08-04 14:00:00 | 000,014,592 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND713.WAV
[2004-08-04 14:00:00 | 000,027,268 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND735.WAV
[2004-08-04 14:00:00 | 000,002,102 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND8.WAV
[2004-08-04 14:00:00 | 000,047,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND827.WAV
[2004-08-04 14:00:00 | 000,020,098 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND9.WAV
[2004-08-04 14:00:00 | 000,006,742 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND999.WAV
[2004-08-04 14:00:00 | 000,375,886 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\table.bmp
[2004-08-04 14:00:00 | 000,002,687 | R--- | M] () -- C:\Program Files\WINDOWS NT\Pinball\wavemix.inf

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< >

========== Files - Unicode (All) ==========
[2013-10-14 11:41:23 | 100,838,232 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಣ並召6
[2013-10-14 11:41:23 | 100,838,232 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಣ並召6
[2013-10-11 09:57:55 | 100,446,413 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᙈ⬨召6
[2013-10-11 09:57:55 | 100,446,413 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᙈ⬨召6
[2013-10-10 09:43:44 | 100,221,909 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\丷ꞛ召6
[2013-10-10 09:43:44 | 100,221,909 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\丷ꞛ召6
[2013-10-09 09:57:56 | 100,120,694 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䘠凹召6
[2013-10-09 09:57:56 | 100,120,694 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䘠凹召6
[2013-10-08 15:14:16 | 099,859,239 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\顶隱召6
[2013-10-08 15:14:16 | 099,859,239 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\顶隱召6
[2013-10-06 12:51:53 | 099,399,748 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\뎔淅召6
[2013-10-06 12:51:53 | 099,399,748 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\뎔淅召6
[2013-09-26 07:38:25 | 097,892,804 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\偕召6
[2013-09-26 07:38:25 | 097,892,804 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\偕召6
[2013-09-25 09:36:53 | 097,673,008 | ---- | M] ()(C:\WINDOWS\System32\O??6) -- C:\WINDOWS\System32\O↫召6
[2013-09-25 09:36:53 | 097,673,008 | ---- | C] ()(C:\WINDOWS\System32\O??6) -- C:\WINDOWS\System32\O↫召6
[2013-09-24 10:16:35 | 098,852,061 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ꅓ먔召6
[2013-09-24 10:16:35 | 098,852,061 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ꅓ먔召6
[2013-09-23 10:47:51 | 098,615,842 | ---- | M] ()(C:\WINDOWS\System32\?s?6) -- C:\WINDOWS\System32\s召6
[2013-09-23 10:47:51 | 098,615,842 | ---- | C] ()(C:\WINDOWS\System32\?s?6) -- C:\WINDOWS\System32\s召6

< End of report >
  • 0

#6
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Eigenaar (administrator) on EIGENAAR-PC on 16-10-2013 18:07:23
Running from C:\Documents and Settings\Eigenaar\Bureaublad
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Dutch Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Farbar) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-7-FRST.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [] - [x]
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [84576 2013-08-22] (Nullsoft, Inc.)
HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-19] (RealNetworks, Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxsrvc.dll (Intel Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-07-18] (Samsung Electronics)
HKU\Bezoekers\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.)
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x881D78FF7D95CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn...st/srchasst.htm
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - CEB4644C31D947E0B8F1DB4980F8D9D4 URL = http://websearch.ask...1E-B2E6F28D5F18
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {B16C97B2-33E0-42CA-96F9-E7A70567AA27} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKCU -WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 14 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.23.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default
FF DefaultSearchEngine: Wikipedia (nl)
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Wikipedia (nl)
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\bolcom-nl.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\marktplaats-nl.xml
FF Extension: WOT - C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: adblockpopups - C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\Extensions\[email protected]
FF Extension: firefox - C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\Extensions\[email protected]
FF Extension: No Name - C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "https://www.google.nl/"
CHR DefaultSearchURL: (Bing) - http://www.bing.com/...q={searchTerms}
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/...=UP97DF&PC=UP97
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\DOCUME~1\Eigenaar\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\Eigenaar\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\Eigenaar\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\Eigenaar\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\DOCUME~1\Eigenaar\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Adblock Pro) - C:\DOCUME~1\Eigenaar\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.1_0
CHR Extension: (Gmail) - C:\DOCUME~1\Eigenaar\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [71832 2008-10-02] (SiSoftware)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-06-24] (Avira Operations GmbH & Co. KG)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [87579 2002-12-30] (Intel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-24] (Avira GmbH)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181912 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 STAC97NA; C:\Windows\System32\drivers\stac97na.sys [296179 2002-07-07] (SigmaTel Inc.)
R3 STAC97NH; C:\Windows\System32\drivers\stac97nh.sys [231983 2002-07-07] (SigmaTel Inc.)
R3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\Windows\System32\drivers\ialmsbw.sys [108480 2002-12-30] (Intel Corporation)
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\Windows\System32\drivers\ialmkchw.sys [78144 2002-12-30] (Intel Corporation)
U1 WS2IFSL;
U3 aswMBR; \??\C:\DOCUME~1\Eigenaar\LOCALS~1\Temp\aswMBR.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-16 18:07 - 2013-10-16 18:07 - 00000000 ____D C:\FRST
2013-10-16 17:56 - 2013-10-16 17:56 - 00179282 _____ C:\Documents and Settings\Eigenaar\Bureaublad\6okt2013-6-OTL.Txt
2013-10-16 17:34 - 2013-10-16 17:34 - 00000550 _____ C:\Documents and Settings\Eigenaar\Bureaublad\Snelkoppeling naar aReebok Maintenance.lnk
2013-10-16 17:29 - 2013-10-16 17:29 - 00000000 ____D C:\Program Files\Speccy
2013-10-16 17:29 - 2013-10-16 17:29 - 00000000 ____D C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Speccy
2013-10-16 16:36 - 2013-10-16 16:37 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4b-aswmbr.exe
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-16 15:57 - 2013-10-16 16:07 - 00000000 ____D C:\AdwCleaner
2013-10-16 15:52 - 2013-10-16 15:52 - 00000933 _____ C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-OTLfix.txt
2013-10-16 15:46 - 2013-10-16 15:46 - 01087213 _____ (Farbar) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-7-FRST.exe
2013-10-16 15:44 - 2013-10-16 15:44 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
2013-10-16 15:40 - 2013-10-16 15:40 - 05552488 _____ (Piriform Ltd) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-5-spsetup123.exe
2013-10-16 15:35 - 2013-10-16 15:35 - 02659680 _____ (AVAST Software) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4-aswmbr.exe
2013-10-16 15:30 - 2013-10-16 15:30 - 01033335 _____ (Thisisu) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-3-JRT.exe
2013-10-16 15:28 - 2013-10-16 15:28 - 01048960 _____ C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-2-AdwCleaner.exe
2013-10-14 11:41 - 2013-10-14 11:41 - 100838232 _____ C:\WINDOWS\system32\ಣ並召6
2013-10-13 18:03 - 2013-10-13 18:03 - 00035486 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013ExtrasQuick.Txt
2013-10-13 18:02 - 2013-10-13 18:02 - 00108658 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13oktOTLquick.Txt
2013-10-13 17:50 - 2013-10-13 17:50 - 00035464 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013Extrasfull.Txt
2013-10-13 17:49 - 2013-10-13 17:49 - 00115110 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTLFull.Txt
2013-10-13 17:36 - 2013-10-13 17:36 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
2013-10-13 14:52 - 2013-10-13 14:52 - 00000924 _____ C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
2013-10-13 14:52 - 2013-10-13 14:52 - 00000000 ____D C:\Program Files\VS Revo Group
2013-10-13 14:51 - 2013-10-13 14:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
2013-10-13 13:53 - 2013-10-13 13:53 - 00001675 _____ C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
2013-10-13 13:51 - 2013-10-13 13:51 - 22143816 _____ (Mozilla) C:\Documents and Settings\Eigenaar\Bureaublad\Thunderbird Setup 24.0.1.exe
2013-10-13 12:34 - 2013-10-13 14:04 - 00000000 ____D C:\WINDOWS\pss
2013-10-11 13:12 - 2013-10-11 13:14 - 00135456 _____ C:\WINDOWS\KB2847311.log
2013-10-11 13:12 - 2013-10-11 13:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 13:10 - 2013-10-11 13:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 13:09 - 2013-10-11 13:11 - 00136563 _____ C:\WINDOWS\KB2862335.log
2013-10-11 12:32 - 2013-10-11 12:34 - 00016904 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-11 12:31 - 2013-10-11 12:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 12:30 - 2013-10-11 12:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 10:00 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-11 10:00 - 2013-07-03 03:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-11 09:57 - 2013-10-11 09:57 - 100446413 _____ C:\WINDOWS\system32\ᙈ⬨召6
2013-10-11 09:56 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-11 09:56 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-10 09:43 - 2013-10-10 09:43 - 100221909 _____ C:\WINDOWS\system32\丷ꞛ召6
2013-10-09 09:57 - 2013-10-09 09:57 - 100120694 _____ C:\WINDOWS\system32\䘠凹召6
2013-10-08 15:14 - 2013-10-08 15:14 - 99859239 _____ C:\WINDOWS\system32\顶隱召6
2013-10-06 14:53 - 2013-10-06 14:53 - 00001710 _____ C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
2013-10-06 14:53 - 2013-10-06 14:53 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\Foxit Reader
2013-10-06 14:53 - 2013-06-09 21:59 - 00216064 _____ C:\WINDOWS\system32\gcapi_dll.dll
2013-10-06 13:49 - 2013-10-06 13:49 - 00001029 _____ C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
2013-10-06 13:18 - 2013-10-06 13:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\iTunes
2013-10-06 13:16 - 2013-10-06 13:16 - 00000000 ____D C:\Program Files\iPod
2013-10-06 13:15 - 2013-10-06 13:18 - 00000000 ____D C:\Program Files\iTunes
2013-10-06 13:15 - 2013-10-06 13:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-06 12:51 - 2013-10-06 12:51 - 99399748 _____ C:\WINDOWS\system32\뎔淅召6
2013-09-26 07:38 - 2013-09-26 07:38 - 97892804 _____ C:\WINDOWS\system32\偕召6
2013-09-25 13:23 - 2013-09-25 13:23 - 00000000 ____D C:\Documents and Settings\Bezoekers\Application Data\WinRAR
2013-09-25 13:15 - 2013-09-25 13:15 - 00001673 _____ C:\Documents and Settings\Bezoekers\Bureaublad\iPumper.lnk
2013-09-25 13:15 - 2013-09-25 13:15 - 00000000 ____D C:\Documents and Settings\Bezoekers\Menu Start\Programma's\iPumper
2013-09-25 13:14 - 2013-09-25 13:15 - 00000000 ____D C:\Documents and Settings\Bezoekers\Application Data\iPumper
2013-09-25 13:14 - 2013-09-25 13:14 - 00002271 _____ C:\Documents and Settings\Bezoekers\Bureaublad\Continue roller coaster tycoon 2 full pc download.lnk
2013-09-25 09:36 - 2013-09-25 09:36 - 97673008 _____ C:\WINDOWS\system32\O↫召6
2013-09-24 14:48 - 2013-09-24 14:48 - 00131222 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Documents and Settings\All Users\Documenten\NativeFus_Log
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Documents and Settings\All Users\Documenten\CrashDump
2013-09-24 14:34 - 2013-09-24 14:34 - 00000000 ____D C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Samsung
2013-09-24 14:34 - 2013-09-24 14:34 - 00000000 ____D C:\Documents and Settings\Eigenaar\Application Data\Samsung
2013-09-24 14:32 - 2013-09-24 14:32 - 00001650 _____ C:\Documents and Settings\All Users\Bureaublad\Samsung Kies (Lite).lnk
2013-09-24 14:32 - 2013-09-24 14:32 - 00001640 _____ C:\Documents and Settings\All Users\Bureaublad\Samsung Kies.lnk
2013-09-24 14:31 - 2013-06-21 02:07 - 00181912 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudserd.sys
2013-09-24 14:31 - 2013-06-21 02:07 - 00181912 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2013-09-24 14:31 - 2013-06-21 02:07 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2013-09-24 14:25 - 2013-09-24 14:25 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\Samsung
2013-09-24 14:25 - 2013-04-18 19:08 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\system32\Redemption.dll
2013-09-24 14:24 - 2013-04-18 19:06 - 00821824 _____ (Devguru Co., Ltd.) C:\WINDOWS\system32\dgderapi.dll
2013-09-24 14:24 - 2013-04-18 19:06 - 00319456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DIFxAPI.dll
2013-09-24 14:24 - 2013-04-18 19:06 - 00020032 _____ (Devguru Co., Ltd) C:\WINDOWS\system32\Drivers\dgderdrv.sys
2013-09-24 14:23 - 2013-09-24 14:29 - 00000000 ____D C:\Program Files\Samsung
2013-09-24 14:23 - 2013-09-24 14:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung
2013-09-24 14:22 - 2013-09-24 14:22 - 00000000 ____D C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Downloaded Installations
2013-09-24 13:41 - 2013-08-09 02:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-09-24 13:41 - 2013-08-09 02:55 - 00032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-09-24 13:29 - 2013-09-24 13:29 - 00000000 ___RD C:\Documents and Settings\Bezoekers\Menu Start\Programma's\Systeembeheer
2013-09-24 10:16 - 2013-09-24 10:16 - 98852061 _____ C:\WINDOWS\system32\ꅓ먔召6
2013-09-23 10:47 - 2013-09-23 10:47 - 98615842 _____ C:\WINDOWS\system32\s召6
2013-09-19 18:55 - 2013-09-19 18:55 - 00000000 ____D C:\Documents and Settings\Eigenaar\Application Data\RealNetworks
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\RealNetworks
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RealNetworks
2013-09-19 18:51 - 2013-09-19 18:51 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-09-19 16:59 - 2013-09-19 17:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-19 16:07 - 2013-09-19 16:07 - 00028267 _____ C:\WINDOWS\KB2864063.log
2013-09-19 16:07 - 2013-09-19 16:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-19 16:00 - 2013-09-19 16:01 - 00030207 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00021507 _____ C:\WINDOWS\KB2876217.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00021084 _____ C:\WINDOWS\KB2876315.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00017800 _____ C:\WINDOWS\KB2834904-v2.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-09-19 15:59 - 2013-09-19 16:00 - 00020781 _____ C:\WINDOWS\KB2850869.log
2013-09-19 15:44 - 2013-09-19 15:44 - 00021041 _____ C:\WINDOWS\KB2859537.log
2013-09-19 15:44 - 2013-09-19 15:44 - 00020092 _____ C:\WINDOWS\KB2863058.log
2013-09-19 15:44 - 2013-09-19 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-09-19 15:44 - 2013-09-19 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-09-19 15:44 - 2013-09-19 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$

==================== One Month Modified Files and Folders =======

2013-10-16 18:09 - 2013-03-24 18:03 - 00001048 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-16 18:07 - 2013-10-16 18:07 - 00000000 ____D C:\FRST
2013-10-16 18:05 - 2013-07-24 11:12 - 00000462 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{D00FDB6F-8963-405A-804E-BB510CC46110}.job
2013-10-16 18:05 - 2013-06-25 10:56 - 00000000 __RHD C:\Documents and Settings\Eigenaar\Onlangs geopend
2013-10-16 18:05 - 2012-09-18 10:34 - 00000000 ____D C:\Documents and Settings\Eigenaar\Bureaublad
2013-10-16 17:56 - 2013-10-16 17:56 - 00179282 _____ C:\Documents and Settings\Eigenaar\Bureaublad\6okt2013-6-OTL.Txt
2013-10-16 17:34 - 2013-10-16 17:34 - 00000550 _____ C:\Documents and Settings\Eigenaar\Bureaublad\Snelkoppeling naar aReebok Maintenance.lnk
2013-10-16 17:33 - 2012-09-18 12:38 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-16 17:29 - 2013-10-16 17:29 - 00000000 ____D C:\Program Files\Speccy
2013-10-16 17:29 - 2013-10-16 17:29 - 00000000 ____D C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Speccy
2013-10-16 17:29 - 2013-07-10 01:34 - 00079270 _____ C:\WINDOWS\setupapi.log
2013-10-16 17:29 - 2012-09-18 10:34 - 00000000 ___RD C:\Documents and Settings\Eigenaar\Menu Start\Programma's
2013-10-16 16:37 - 2013-10-16 16:36 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4b-aswmbr.exe
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-16 16:17 - 2013-06-24 12:54 - 00000292 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
2013-10-16 16:17 - 2013-06-24 12:54 - 00000284 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
2013-10-16 16:11 - 2012-09-18 10:21 - 01428495 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-16 16:10 - 2013-03-24 18:03 - 00001044 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-16 16:10 - 2012-09-18 10:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-16 16:10 - 2004-08-04 14:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-16 16:08 - 2012-09-18 10:34 - 00000188 ___SH C:\Documents and Settings\Eigenaar\ntuser.ini
2013-10-16 16:08 - 2012-09-18 10:32 - 00032458 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-16 16:07 - 2013-10-16 15:57 - 00000000 ____D C:\AdwCleaner
2013-10-16 15:52 - 2013-10-16 15:52 - 00000933 _____ C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-OTLfix.txt
2013-10-16 15:46 - 2013-10-16 15:46 - 01087213 _____ (Farbar) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-7-FRST.exe
2013-10-16 15:44 - 2013-10-16 15:44 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
2013-10-16 15:40 - 2013-10-16 15:40 - 05552488 _____ (Piriform Ltd) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-5-spsetup123.exe
2013-10-16 15:35 - 2013-10-16 15:35 - 02659680 _____ (AVAST Software) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4-aswmbr.exe
2013-10-16 15:35 - 2013-03-24 15:47 - 00000000 ____D C:\Documents and Settings\Eigenaar\Application Data\CallingID
2013-10-16 15:30 - 2013-10-16 15:30 - 01033335 _____ (Thisisu) C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-3-JRT.exe
2013-10-16 15:28 - 2013-10-16 15:28 - 01048960 _____ C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-2-AdwCleaner.exe
2013-10-16 15:21 - 2013-03-24 15:37 - 00000000 ____D C:\Documents and Settings\Eigenaar\Local Settings\Application Data\DoNotTrackPlus
2013-10-16 13:46 - 2013-06-26 14:39 - 00000188 ___SH C:\Documents and Settings\Bezoekers\ntuser.ini
2013-10-16 13:46 - 2013-06-26 14:39 - 00000000 ____D C:\Documents and Settings\Bezoekers
2013-10-16 13:40 - 2013-06-28 10:20 - 00000000 ____D C:\Documents and Settings\Bezoekers\Local Settings\Application Data\DoNotTrackPlus
2013-10-16 13:40 - 2013-06-28 10:19 - 00000000 ____D C:\Documents and Settings\Bezoekers\Application Data\CallingID
2013-10-14 11:41 - 2013-10-14 11:41 - 100838232 _____ C:\WINDOWS\system32\ಣ並召6
2013-10-13 21:05 - 2012-09-18 10:34 - 00000000 ____D C:\Documents and Settings\Eigenaar
2013-10-13 20:24 - 2013-07-14 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Documenten\aReebok Maintenance
2013-10-13 18:03 - 2013-10-13 18:03 - 00035486 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013ExtrasQuick.Txt
2013-10-13 18:02 - 2013-10-13 18:02 - 00108658 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13oktOTLquick.Txt
2013-10-13 17:50 - 2013-10-13 17:50 - 00035464 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013Extrasfull.Txt
2013-10-13 17:49 - 2013-10-13 17:49 - 00115110 _____ C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTLFull.Txt
2013-10-13 17:36 - 2013-10-13 17:36 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
2013-10-13 17:21 - 2012-09-18 12:08 - 00000000 ____D C:\WINDOWS\Media
2013-10-13 17:20 - 2013-06-09 20:49 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-10-13 17:20 - 2013-03-24 19:49 - 00000216 _____ C:\WINDOWS\wiadebug.log
2013-10-13 17:20 - 2013-03-24 19:49 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-13 16:27 - 2013-03-24 14:07 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-13 15:17 - 2012-09-18 10:19 - 00000000 ____D C:\WINDOWS\Registration
2013-10-13 14:52 - 2013-10-13 14:52 - 00000924 _____ C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
2013-10-13 14:52 - 2013-10-13 14:52 - 00000000 ____D C:\Program Files\VS Revo Group
2013-10-13 14:51 - 2013-10-13 14:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
2013-10-13 14:49 - 2012-09-18 12:13 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programma's
2013-10-13 14:37 - 2013-06-24 13:15 - 00002265 _____ C:\Documents and Settings\All Users\Menu Start\Programma's\Apple Software Update.lnk
2013-10-13 14:27 - 2012-09-18 12:11 - 00000211 ___SH C:\boot.ini
2013-10-13 14:27 - 2004-08-04 14:00 - 00000507 _____ C:\WINDOWS\win.ini
2013-10-13 14:27 - 2004-08-04 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-10-13 14:04 - 2013-10-13 12:34 - 00000000 ____D C:\WINDOWS\pss
2013-10-13 13:53 - 2013-10-13 13:53 - 00001675 _____ C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
2013-10-13 13:53 - 2013-07-09 09:53 - 00001681 _____ C:\Documents and Settings\All Users\Menu Start\Programma's\Mozilla Thunderbird.lnk
2013-10-13 13:53 - 2013-07-09 09:53 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-13 13:53 - 2013-03-24 17:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-13 13:53 - 2012-09-18 12:13 - 00000000 ____D C:\Documents and Settings\All Users\Bureaublad
2013-10-13 13:51 - 2013-10-13 13:51 - 22143816 _____ (Mozilla) C:\Documents and Settings\Eigenaar\Bureaublad\Thunderbird Setup 24.0.1.exe
2013-10-13 12:30 - 2013-06-25 11:33 - 00124520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-13 12:30 - 2012-09-18 10:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 13:14 - 2013-10-11 13:12 - 00135456 _____ C:\WINDOWS\KB2847311.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00117477 _____ C:\WINDOWS\FaxSetup.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00069084 _____ C:\WINDOWS\ocgen.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00044824 _____ C:\WINDOWS\tsoc.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00038862 _____ C:\WINDOWS\comsetup.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00023578 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00018711 _____ C:\WINDOWS\iis6.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00007334 _____ C:\WINDOWS\ocmsn.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00005757 _____ C:\WINDOWS\msgsocm.log
2013-10-11 13:14 - 2013-07-10 01:34 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-11 13:12 - 2013-10-11 13:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 13:12 - 2013-07-10 01:53 - 00015377 _____ C:\WINDOWS\updspapi.log
2013-10-11 13:11 - 2013-10-11 13:09 - 00136563 _____ C:\WINDOWS\KB2862335.log
2013-10-11 13:11 - 2013-07-10 01:34 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-11 13:10 - 2013-10-11 13:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 13:01 - 2012-09-18 12:13 - 01225840 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-11 13:01 - 2004-08-04 14:00 - 00552774 _____ C:\WINDOWS\system32\perfh013.dat
2013-10-11 13:01 - 2004-08-04 14:00 - 00100822 _____ C:\WINDOWS\system32\perfc013.dat
2013-10-11 12:53 - 2013-07-10 02:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-11 12:41 - 2012-02-15 17:07 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2013-10-11 12:40 - 2012-09-18 10:25 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Silverlight
2013-10-11 12:34 - 2013-10-11 12:32 - 00016904 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-11 12:33 - 2012-09-18 11:16 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-11 12:31 - 2013-10-11 12:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 12:30 - 2013-10-11 12:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 09:57 - 2013-10-11 09:57 - 100446413 _____ C:\WINDOWS\system32\ᙈ⬨召6
2013-10-10 10:34 - 2012-09-18 12:38 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-10 10:34 - 2012-02-15 17:07 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-10 10:17 - 2013-06-26 14:39 - 00000000 ____D C:\Documents and Settings\Bezoekers\Bureaublad
2013-10-10 09:43 - 2013-10-10 09:43 - 100221909 _____ C:\WINDOWS\system32\丷ꞛ召6
2013-10-09 09:57 - 2013-10-09 09:57 - 100120694 _____ C:\WINDOWS\system32\䘠凹召6
2013-10-08 15:14 - 2013-10-08 15:14 - 99859239 _____ C:\WINDOWS\system32\顶隱召6
2013-10-06 15:24 - 2013-06-24 12:32 - 00000000 ____D C:\Documents and Settings\Eigenaar\Application Data\Skype
2013-10-06 15:23 - 2013-06-24 12:32 - 00000000 ___RD C:\Program Files\Skype
2013-10-06 15:23 - 2013-06-24 12:31 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-10-06 14:53 - 2013-10-06 14:53 - 00001710 _____ C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
2013-10-06 14:53 - 2013-10-06 14:53 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\Foxit Reader
2013-10-06 14:50 - 2012-09-18 12:36 - 00000000 ____D C:\Program Files\Defraggler
2013-10-06 13:49 - 2013-10-06 13:49 - 00001029 _____ C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
2013-10-06 13:49 - 2013-06-24 12:39 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\SiSoftware
2013-10-06 13:18 - 2013-10-06 13:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\iTunes
2013-10-06 13:18 - 2013-10-06 13:15 - 00000000 ____D C:\Program Files\iTunes
2013-10-06 13:18 - 2013-10-06 13:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-06 13:16 - 2013-10-06 13:16 - 00000000 ____D C:\Program Files\iPod
2013-10-06 13:16 - 2013-06-24 13:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-10-06 12:51 - 2013-10-06 12:51 - 99399748 _____ C:\WINDOWS\system32\뎔淅召6
2013-09-26 07:53 - 2013-06-25 10:37 - 00000000 ____D C:\Program Files\CCleaner
2013-09-26 07:38 - 2013-09-26 07:38 - 97892804 _____ C:\WINDOWS\system32\偕召6
2013-09-25 13:56 - 2013-06-26 14:39 - 00000000 __RHD C:\Documents and Settings\Bezoekers\Onlangs geopend
2013-09-25 13:23 - 2013-09-25 13:23 - 00000000 ____D C:\Documents and Settings\Bezoekers\Application Data\WinRAR
2013-09-25 13:15 - 2013-09-25 13:15 - 00001673 _____ C:\Documents and Settings\Bezoekers\Bureaublad\iPumper.lnk
2013-09-25 13:15 - 2013-09-25 13:15 - 00000000 ____D C:\Documents and Settings\Bezoekers\Menu Start\Programma's\iPumper
2013-09-25 13:15 - 2013-09-25 13:14 - 00000000 ____D C:\Documents and Settings\Bezoekers\Application Data\iPumper
2013-09-25 13:15 - 2013-06-26 14:39 - 00000000 ___RD C:\Documents and Settings\Bezoekers\Menu Start\Programma's
2013-09-25 13:14 - 2013-09-25 13:14 - 00002271 _____ C:\Documents and Settings\Bezoekers\Bureaublad\Continue roller coaster tycoon 2 full pc download.lnk
2013-09-25 13:08 - 2013-06-26 14:40 - 00000000 ____D C:\Documents and Settings\Bezoekers\Application Data\Real
2013-09-25 09:36 - 2013-09-25 09:36 - 97673008 _____ C:\WINDOWS\system32\O↫召6
2013-09-24 14:48 - 2013-09-24 14:48 - 00131222 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Documents and Settings\All Users\Documenten\NativeFus_Log
2013-09-24 14:35 - 2013-09-24 14:35 - 00000000 ____D C:\Documents and Settings\All Users\Documenten\CrashDump
2013-09-24 14:34 - 2013-09-24 14:34 - 00000000 ____D C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Samsung
2013-09-24 14:34 - 2013-09-24 14:34 - 00000000 ____D C:\Documents and Settings\Eigenaar\Application Data\Samsung
2013-09-24 14:34 - 2013-07-10 01:34 - 00001125 _____ C:\WINDOWS\setupact.log
2013-09-24 14:32 - 2013-09-24 14:32 - 00001650 _____ C:\Documents and Settings\All Users\Bureaublad\Samsung Kies (Lite).lnk
2013-09-24 14:32 - 2013-09-24 14:32 - 00001640 _____ C:\Documents and Settings\All Users\Bureaublad\Samsung Kies.lnk
2013-09-24 14:29 - 2013-09-24 14:23 - 00000000 ____D C:\Program Files\Samsung
2013-09-24 14:28 - 2013-09-24 14:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung
2013-09-24 14:25 - 2013-09-24 14:25 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\Samsung
2013-09-24 14:24 - 2012-09-18 10:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-24 14:22 - 2013-09-24 14:22 - 00000000 ____D C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Downloaded Installations
2013-09-24 13:29 - 2013-09-24 13:29 - 00000000 ___RD C:\Documents and Settings\Bezoekers\Menu Start\Programma's\Systeembeheer
2013-09-24 10:16 - 2013-09-24 10:16 - 98852061 _____ C:\WINDOWS\system32\ꅓ먔召6
2013-09-23 23:55 - 2012-09-18 11:13 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-09-23 23:55 - 2012-09-18 10:25 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-09-23 20:25 - 2012-09-18 11:13 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-09-23 20:25 - 2012-09-18 11:13 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-09-23 20:25 - 2012-09-18 11:13 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-09-23 20:25 - 2012-09-18 11:13 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-09-23 20:25 - 2012-09-18 11:13 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-09-23 20:25 - 2012-09-18 11:13 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-09-23 20:25 - 2012-09-18 11:13 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-09-23 20:25 - 2012-09-18 10:25 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-09-23 20:25 - 2012-09-18 10:25 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-23 20:25 - 2012-09-18 10:25 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 20:25 - 2012-09-18 10:20 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2013-09-23 20:25 - 2012-02-15 17:07 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2013-09-23 20:25 - 2012-02-15 17:07 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 06017536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 06017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 01215488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2013-09-23 20:25 - 2012-02-15 17:06 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2013-09-23 20:25 - 2008-04-14 23:33 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2013-09-23 20:25 - 2008-04-14 23:33 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-09-23 20:25 - 2008-04-14 23:32 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2013-09-23 20:25 - 2008-04-14 23:32 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2013-09-23 20:07 - 2012-02-15 17:06 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2013-09-23 20:07 - 2008-04-14 23:33 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2013-09-23 20:07 - 2008-04-14 23:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-09-23 10:47 - 2013-09-23 10:47 - 98615842 _____ C:\WINDOWS\system32\s召6
2013-09-19 18:55 - 2013-09-19 18:55 - 00000000 ____D C:\Documents and Settings\Eigenaar\Application Data\RealNetworks
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\RealNetworks
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RealNetworks
2013-09-19 18:53 - 2013-06-24 12:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programma's\RealNetworks
2013-09-19 18:51 - 2013-09-19 18:51 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-09-19 18:51 - 2013-06-24 12:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Real
2013-09-19 18:50 - 2013-06-24 12:52 - 00272896 _____ (Progressive Networks) C:\WINDOWS\system32\pncrt.dll
2013-09-19 18:50 - 2013-06-24 12:52 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\rmoc3260.dll
2013-09-19 18:50 - 2013-06-24 12:52 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\pndx5016.dll
2013-09-19 18:50 - 2013-06-24 12:52 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\pndx5032.dll
2013-09-19 18:49 - 2013-06-24 12:51 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll
2013-09-19 18:49 - 2013-06-24 12:51 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2013-09-19 18:42 - 2013-06-24 13:50 - 00000000 ____D C:\Program Files\Winamp
2013-09-19 17:01 - 2013-09-19 16:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-19 16:07 - 2013-09-19 16:07 - 00028267 _____ C:\WINDOWS\KB2864063.log
2013-09-19 16:07 - 2013-09-19 16:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-19 16:01 - 2013-09-19 16:00 - 00030207 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00021507 _____ C:\WINDOWS\KB2876217.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00021084 _____ C:\WINDOWS\KB2876315.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00017800 _____ C:\WINDOWS\KB2834904-v2.log
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-09-19 16:00 - 2013-09-19 16:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-09-19 16:00 - 2013-09-19 15:59 - 00020781 _____ C:\WINDOWS\KB2850869.log
2013-09-19 15:44 - 2013-09-19 15:44 - 00021041 _____ C:\WINDOWS\KB2859537.log
2013-09-19 15:44 - 2013-09-19 15:44 - 00020092 _____ C:\WINDOWS\KB2863058.log
2013-09-19 15:44 - 2013-09-19 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-09-19 15:44 - 2013-09-19 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-09-19 15:44 - 2013-09-19 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-09-19 15:44 - 2012-09-18 10:23 - 00248978 _____ C:\WINDOWS\system32\TZLog.log
2013-09-19 15:41 - 2013-06-24 12:49 - 00000000 ____D C:\Documents and Settings\Eigenaar\Application Data\Real
2013-09-19 15:14 - 2013-03-24 13:26 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-09-19 15:14 - 2013-03-24 13:26 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Documents and Settings\Bezoekers\Local Settings\Temp\htmlayout.dll
C:\Documents and Settings\Bezoekers\Local Settings\Temp\tmpB6.exe
C:\Documents and Settings\Bezoekers\Local Settings\Temp\tmpBA.exe
C:\Documents and Settings\Bezoekers\Local Settings\Temp\tmpC7.exe
C:\Documents and Settings\Bezoekers\Local Settings\Temp\tmpCC.exe
C:\Documents and Settings\Bezoekers\Local Settings\Temp\tmpD2.exe
C:\Documents and Settings\Bezoekers\Local Settings\Temp\tmpD7.exe
C:\Documents and Settings\Eigenaar\Local Settings\Temp\Checkupdate.exe
C:\Documents and Settings\Eigenaar\Local Settings\Temp\Foxit Reader Updater.exe
C:\Documents and Settings\Eigenaar\Local Settings\Temp\gcapi_dll.dll
C:\Documents and Settings\Eigenaar\Local Settings\Temp\gtapi_signed.dll
C:\Documents and Settings\Eigenaar\Local Settings\Temp\lowproc.exe
C:\Documents and Settings\Eigenaar\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Eigenaar\Local Settings\Temp\stubhelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2012-02-15 17:06] - [2012-02-15 17:06] - 1037312 ____A (Microsoft Corporation) 36f3cc7ae034b88e1770cda56d082b4f

C:\Windows\System32\winlogon.exe
[2008-04-14 23:33] - [2008-04-14 23:33] - 0510464 ____A (Microsoft Corporation) 1247d4d5444e28519bbe31be8ab4c029

C:\Windows\System32\svchost.exe
[2008-04-14 23:33] - [2008-04-14 23:33] - 0014336 ____A (Microsoft Corporation) e410ec73e2be2a41d923b006f51c8427

C:\Windows\System32\services.exe
[2012-02-15 17:06] - [2012-02-15 17:06] - 0111104 ____A (Microsoft Corporation) d98a222a707ffe40043e533fe7a6ba24

C:\Windows\System32\User32.dll
[2008-04-14 23:32] - [2008-04-14 23:32] - 0580096 ____A (Microsoft Corporation) 4cf588d2f2363b73eb4af57967d46dff

C:\Windows\System32\userinit.exe
[2008-04-14 23:33] - [2008-04-14 23:33] - 0026112 ____A (Microsoft Corporation) 6818a533ed3b2fa9936df3daf45352df

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 23:03] - [2008-04-14 23:03] - 0053504 ____A (Microsoft Corporation) 8ab662b3c4691e6ddf61c96bb5b7d103


==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013
Ran by Eigenaar at 2013-10-16 18:09:23
Running from C:\Documents and Settings\Eigenaar\Bureaublad
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.4042)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2809289) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2829530) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2838727) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2846071) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2847204) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2870699) (Version: 1)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2879017) (Version: 1)
Beveiligingsupdate voor Windows Media Player (KB2834904)
Beveiligingsupdate voor Windows Media Player (KB2834904-v2)
Beveiligingsupdate voor Windows XP (KB2727528) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2753842-v2) (Version: 2)
Beveiligingsupdate voor Windows XP (KB2757638) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2758857) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2770660) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2778344) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2780091) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2799494) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2802968) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2807986) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2813170) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2820197) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2820917) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2829361) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2834886) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2839229) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2845187) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2847311) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2849470) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2850851) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2850869) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2859537) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2862330) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2862335) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2864063) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2876217) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2876315) (Version: 1)
Beveiligingsupdate voor Windows XP (KB2883150) (Version: 1)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.06)
Defraggler (Version: 2.15)
FileHippo.com Update Checker
Foxit Reader (Version: 6.0.6.722)
Google Chrome (Version: 30.0.1599.69)
Hotfix voor Windows XP (KB2779562) (Version: 1)
Intel® Extreme Graphics Driver
Intel® PRO Ethernet Adapter and Software
iTunes (Version: 11.1.1.11)
Junk Mail filter update (Version: 14.0.8117.416)
Malwarebytes Anti-Malware versie 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Dutch Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD (Version: 3.2.30729)
Microsoft .NET Framework 3.5 Language Pack SP1 - nld (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile NLD Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 nl) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0.1)
Mozilla Thunderbird 24.0.1 (x86 en-US) (Version: 24.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.95 (Version: 1.95)
Samsung Kies (Version: 2.5.3.13043_14)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Segoe UI (Version: 14.0.4327.805)
SigmaTel C-Major Audio
SiSoftware Sandra Lite 2013.SP6 (Version: 19.66.2013.10)
SkypeÖ 6.9 (Version: 6.9.106)
Speccy (Version: 1.23)
System Requirements Lab for Intel (Version: 4.5.13.0)
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (Version: 4.0.30319)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update voor Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update voor Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update voor Windows XP (KB2661254-v2) (Version: 2)
Update voor Windows XP (KB2749655) (Version: 1)
Update voor Windows XP (KB2808679) (Version: 1)
Update voor Windows XP (KB2863058) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.7 Beta)
Winamp Applicatie Detect (HKCU Version: 1.0.0.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live - Hulpprogramma voor uploaden (Version: 14.0.8014.1029)
Windows Live aanmeldhulp (Version: 5.000.818.5)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Management Framework Core
WinRAR 4.20 (32-bit) (Version: 4.20.0)
WOT for Internet Explorer (Version: 12.8.2.0)
XML Paper Specification Shared Components Language Pack 1.0

==================== Restore Points =========================

22-07-2013 10:13:38 Controlepunt van systeem
23-07-2013 11:31:56 Controlepunt van systeem
24-07-2013 11:52:37 Controlepunt van systeem
26-07-2013 07:40:59 Controlepunt van systeem
29-07-2013 08:00:55 Controlepunt van systeem
30-07-2013 11:27:01 Controlepunt van systeem
31-07-2013 12:02:34 Controlepunt van systeem
24-08-2013 23:07:23 Controlepunt van systeem
19-09-2013 13:43:53 Software Distribution Service 3.0
19-09-2013 14:31:52 Software Distribution Service 3.0
23-09-2013 09:01:46 Controlepunt van systeem
24-09-2013 09:26:08 Controlepunt van systeem
24-09-2013 12:23:14 Installed Samsung Kies
25-09-2013 12:25:05 Controlepunt van systeem
06-10-2013 12:10:10 Controlepunt van systeem
06-10-2013 12:54:38 Printerstuurprogramma Foxit Reader PDF Printer is ge´nstalleerd
08-10-2013 07:27:57 Controlepunt van systeem
09-10-2013 08:18:26 Controlepunt van systeem
10-10-2013 10:23:14 Controlepunt van systeem
11-10-2013 10:01:02 Software Distribution Service 3.0
13-10-2013 11:20:35 Software Distribution Service 3.0
16-10-2013 07:20:14 Controlepunt van systeem
16-10-2013 15:39:16 OTL Restore Point - 16-10-2013 17:39:07

==================== Hosts content: ==========================

2004-08-04 14:00 - 2004-08-04 14:00 - 00000776 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{D00FDB6F-8963-405A-804E-BB510CC46110}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-03-24 13:26 - 2013-03-24 13:17 - 00397704 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-13 13:04 - 2013-10-13 13:04 - 01892352 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\2e5b40e22d54b43afc114be55e432841\Kies.UI.ni.dll
2013-09-24 14:42 - 2013-09-24 14:42 - 00079360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\8a7f8d009ea559fc9f3e864e013205c8\Kies.MVVM.ni.dll
2013-09-24 14:44 - 2013-09-24 14:44 - 00080896 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ZipStore\3a2ea444aa16a449759bd64ef15ee047\ZipStore.ni.dll
2013-09-24 14:44 - 2013-09-24 14:44 - 00187904 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1921c5cb9941147f2954c22668bd2c81\Kies.Common.DeviceServiceLib.Interface.ni.dll
2013-10-13 13:07 - 2013-10-13 13:07 - 00351232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\d4322605567d0ef641d74421a2dc03cb\DevicePhoto.ni.dll
2013-10-13 13:07 - 2013-10-13 13:07 - 00295936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\c7a355ff12bdc431ceb4c39e608a25dd\DeviceVideo.ni.dll
2013-10-13 13:07 - 2013-10-13 13:07 - 00610816 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\4526c5f66f4d58cba3b8f6e8b3483c68\DevicePodcast.ni.dll
2013-09-25 09:38 - 2013-09-25 09:38 - 00307200 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\2b32fa32c886281edf5660ded3a3ca3c\DummyStorePlugin.ni.dll
2013-09-25 09:38 - 2013-09-25 09:38 - 17554944 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\e4751f9b36b2c6508c16b10ce5320e22\Kies.Theme.ni.dll
2013-10-13 13:06 - 2013-10-13 13:06 - 00580096 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2393f816a9726a97672c9132b70d5090\Kies.Common.DeviceServiceLib.FileService.ni.dll
2013-09-24 14:44 - 2013-09-24 14:44 - 00045568 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a6e94a63e686f47fb77e19d97d5f2045\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2013-10-13 13:06 - 2013-10-13 13:06 - 00995328 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\3e604491264f523924f0089a87190472\DeviceCommonLib.ni.dll
2013-09-24 14:47 - 2013-09-24 14:47 - 00232960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6c2268d21092027249488bb1b5b0b75f\ASF_cSharpAPI.ni.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2013 04:19:10 PM) (Source: Application Hang) (User: )
Description: Fout-bucket -1107784495.

Error: (10/16/2013 04:17:37 PM) (Source: Application Hang) (User: )
Description: Vastgelopen toepassing: KiesAirMessage.exe, versie: 1.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error: (10/16/2013 10:51:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17875

Error: (10/16/2013 10:51:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17875

Error: (10/16/2013 10:51:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/15/2013 11:10:38 AM) (Source: Application Hang) (User: )
Description: Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error: (10/15/2013 11:10:37 AM) (Source: Application Hang) (User: )
Description: Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error: (10/15/2013 11:09:05 AM) (Source: Application Hang) (User: )
Description: Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error: (10/15/2013 11:09:05 AM) (Source: Application Hang) (User: )
Description: Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error: (10/15/2013 11:09:05 AM) (Source: Application Hang) (User: )
Description: Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.


System errors:
=============
Error: (10/16/2013 04:16:30 PM) (Source: Service Control Manager) (User: )
Description: De iPod-service-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (10/16/2013 04:16:29 PM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: iPod-service.

Error: (10/16/2013 04:15:59 PM) (Source: DCOM) (User: EIGENAAR-PC)
Description: DCOM kreeg foutmelding '%%1053' bij het starten van de iPod Service-service met de argumenten ''
om de server
{063D34A4-BF84-4B8D-B699-E8CA06504DDE} te starten

Error: (10/15/2013 11:27:48 AM) (Source: Service Control Manager) (User: )
Description: De Avira Web Protection-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (10/15/2013 10:06:03 AM) (Source: Service Control Manager) (User: )
Description: De COM-service voor IMAPI cd-branders-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (10/15/2013 10:06:02 AM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: COM-service voor IMAPI cd-branders.

Error: (10/14/2013 00:59:17 PM) (Source: Service Control Manager) (User: )
Description: De Avira Web Protection-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (10/13/2013 05:22:48 PM) (Source: Service Control Manager) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
IntelIde

Error: (10/13/2013 05:21:52 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (10/13/2013 02:04:30 PM) (Source: Service Control Manager) (User: )
Description: De Avira Web Protection-service is afhankelijk van de Avira Real-Time Protection-service, die vanwege de volgende fout niet kan worden gestart:
%%1070


Microsoft Office Sessions:
=========================
Error: (10/16/2013 04:19:10 PM) (Source: Application Hang)(User: )
Description: -1107784495

Error: (10/16/2013 04:17:37 PM) (Source: Application Hang)(User: )
Description: KiesAirMessage.exe1.0.0.0hungapp0.0.0.000000000

Error: (10/16/2013 10:51:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17875

Error: (10/16/2013 10:51:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17875

Error: (10/16/2013 10:51:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/15/2013 11:10:38 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/15/2013 11:10:37 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/15/2013 11:09:05 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/15/2013 11:09:05 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (10/15/2013 11:09:05 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 503.48 MB
Available physical RAM: 258.94 MB
Total Pagefile: 1230.27 MB
Available Pagefile: 729.56 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.06 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:38.28 GB) (Free:14.01 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Data) (Fixed) (Total:38.28 GB) (Free:38.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 38 GB) (Disk ID: 310C4F55)
Partition 1: (Active) - (Size=38 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 38 GB) (Disk ID: E3643620)
Partition 1: (Active) - (Size=38 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Better order two hard drives. This one is worse than the other one tho I don't see that it is complaining about the file system like the other one.

S.M.A.R.T
Status Warning

03 Spin-Up Time 219 (219) Data 0000002BD6
04 Start/Stop Count 253 (253) Data 000000078B
05 Reallocated Sectors Count 239 (239) Data 000000004A

08 Seek Time Performance 248 (241) Data 0000008FF3

C0 Power-off Retract Count 252 (252) Data 0000000729
C1 Load/Unload Cycle Count 252 (252) Data 00000015A3

C3 Hardware ECC Recovered 253 (252) Data 000000174A
C4 Reallocation Event Count 252 (252) Data 0000000001

C7 UltraDMA CRC Error Count 184 (127) Data 0000000048

Just to make sure let's run a chkdsk on this one too:

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

The disk check will run and will probably take an hour or more to finish.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Since Avira is having problems let's run Combofix and TDSSKiller:

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double click on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe and to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
  • 0

#8
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts

Better order two hard drives. This one is worse than the other one tho I don't see that it is complaining about the file system like the other one.

That's not gonna happen. Would it be worth it 5 months before XP retires? Maybe i can use HD's from a battery of old computers we have lingering around (becouse i didn't have time to check them - they need to be checked here at GeeksToGo as well), or otherwise the project where we recieved all those computers from might have some extra.

Maybe the State Secretary can get you a new hard drive? ;)

Well, back in the late 80's and early 90's, when i was boardmember for a project for psychiatrical patients, i did manage to get new computers and software + old tekstprocessors from resp. the Ministers of Healthcare and Finance. Backthen our single project was an example for our country. But now our complete city was example, together with various other cities. Between all Big Bobo's there was no time to ask such a personal question, despite "meaningless" me getting a lot more speach-time then my boss had planned. Tried to warn him but he would not listen, he may outline a plan but in the end it's the State Secratary herself who plans her agenda. Pitty becouse now his wife didn't get an invitation at all while she is the next best after the death of our towns "Grandmother of leftwing politics" and our towns "Grandfather of social projects".

To get back to this computer :
All downloads and scans went well. Should i also run chkdsk for D:\partition (ment for Data-back-up but never used)?
TDSS-killer-link was an old version that needed an update with a zipped file, i don't think that posed a problem but i am not entirely sure. TDSS-killer didn't find any threat.

Vino's Event Viewer v01c run on Windows XP in Dutch
Report run at 21/10/2013 10:36:15

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Fout Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Waarschuwing Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/10/2013 10:29:00
Type: Waarschuwing Category: 0
Event: 18 Source: avgntflt
TIMEOUT<svchost.exe> C:\WINDOWS\system32\wuapi.dll

Log: 'System' Date/Time: 21/10/2013 10:28:28
Type: Waarschuwing Category: 0
Event: 18 Source: avgntflt
TIMEOUT<Kies.exe> C:\...iceProcess.resources.dll



Vino's Event Viewer v01c run on Windows XP in Dutch
Report run at 21/10/2013 10:37:45

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Fout Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Waarschuwing Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/10/2013 9:50:35
Type: Waarschuwing Category: 0
Event: 1517 Source: Userenv
Windows heeft het register van gebruiker EIGENAAR-PC\Eigenaar opgeslagen hoewel een toepassing of service tijdens de afmelding van het register gebruikmaakte. Het geheugen voor het register is niet volledig beschikbaar. Het register wordt uit het register verwijderd wanneer het niet langer in gebruik is. Dit wordt mogelijk veroorzaakt door services die als een gebruikersaccount actief zijn. Probeer om de services zodanig te configureren dat deze als LocalService- of NetworkService-account worden gestart.




ComboFix 13-10-19.02 - Eigenaar 21-10-2013 10:52:12.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.503.334 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\21okt2013-9-ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-09-21 to 2013-10-21 ))))))))))))))))))))))))))))))
.
.
2013-10-16 16:07 . 2013-10-16 16:07 -------- d-----w- C:\FRST
2013-10-16 15:29 . 2013-10-16 15:29 -------- d-----w- c:\program files\Speccy
2013-10-16 14:19 . 2013-10-16 14:19 -------- d-----w- c:\windows\ERUNT
2013-10-16 13:57 . 2013-10-16 14:07 -------- d-----w- C:\AdwCleaner
2013-10-13 12:52 . 2013-10-13 12:52 -------- d-----w- c:\program files\VS Revo Group
2013-10-11 08:00 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-11 08:00 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2013-10-11 07:56 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2013-10-11 07:56 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2013-10-06 12:53 . 2013-06-09 19:59 216064 ----a-w- c:\windows\system32\gcapi_dll.dll
2013-10-06 11:16 . 2013-10-06 11:16 -------- d-----w- c:\program files\iPod
2013-10-06 11:15 . 2013-10-06 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-06 11:15 . 2013-10-06 11:18 -------- d-----w- c:\program files\iTunes
2013-09-24 12:34 . 2013-09-24 12:34 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\Samsung
2013-09-24 12:34 . 2013-09-24 12:34 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Samsung
2013-09-24 12:33 . 2008-04-14 21:32 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2013-09-24 12:31 . 2013-06-21 00:07 181912 ----a-w- c:\windows\system32\drivers\ssudserd.sys
2013-09-24 12:31 . 2013-06-21 00:07 181912 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-09-24 12:31 . 2013-06-21 00:07 84248 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-09-24 12:25 . 2013-04-18 17:08 4659712 ----a-w- c:\windows\system32\Redemption.dll
2013-09-24 12:24 . 2013-04-18 17:06 821824 ----a-w- c:\windows\system32\dgderapi.dll
2013-09-24 12:24 . 2013-04-18 17:06 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2013-09-24 12:24 . 2013-04-18 17:06 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2013-09-24 12:23 . 2013-09-24 12:29 -------- d-----w- c:\program files\Samsung
2013-09-24 12:23 . 2013-09-24 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Samsung
2013-09-24 12:22 . 2013-09-24 12:22 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\Downloaded Installations
2013-09-24 11:41 . 2013-08-09 00:55 32384 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-09-24 11:41 . 2013-08-09 00:55 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 08:34 . 2012-09-18 10:38 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-10 08:34 . 2012-02-15 15:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-23 18:25 . 2012-02-15 15:07 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2008-04-14 21:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2008-04-14 21:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2008-04-14 21:32 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:07 . 2012-02-15 15:06 385024 ----a-w- c:\windows\system32\html.iec
2013-09-19 16:49 . 2013-06-24 10:51 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-09-19 16:49 . 2013-06-24 10:51 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-09-19 13:14 . 2013-03-24 11:26 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-19 13:14 . 2013-03-24 11:26 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-08-29 07:01 . 2012-02-15 15:07 1878784 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56 . 2008-04-14 21:32 391168 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2012-02-15 15:06 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2004-08-04 12:00 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2012-02-15 15:06 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48 . 2012-02-15 15:07 1543680 ----a-w- c:\windows\system32\wmvdecod.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-12-09 . 9011D64E9090247C04EE767ED6C7B4BE . 739328 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
.
[-] 2012-02-15 . 660868E1371697C652CFC9C1CB98B371 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-07-18 578560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2002-12-13 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2002-12-13 114688]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-09-19 347192]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-10-01 152392]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2013-08-22 84576]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-09-19 295512]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2013.SP4\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2013.SP4\\RpcAgentSrv.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [24-3-2013 13:26 37352]
R2 AntiVirSchedulerService;Avira Planner;c:\program files\Avira\AntiVir Desktop\sched.exe [24-3-2013 13:26 84024]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [24-3-2013 13:26 815160]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [14-8-2013 15:19 39056]
R3 STAC97NA;SigmaTel 3D Environmental Audio;c:\windows\system32\drivers\stac97na.sys [7-7-2002 13:53 296179]
R3 STAC97NH;STAC97NH;c:\windows\system32\drivers\stac97nh.sys [7-7-2002 13:52 231983]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5-9-2013 10:34 171680]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2-6-2011 10:08 11336]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [24-9-2013 14:31 84248]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [24-6-2013 12:38 71832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [24-9-2013 14:31 181912]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudserd.sys [24-9-2013 14:31 181912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-20 09:12 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-18 08:34]
.
2013-07-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-24 16:03]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-24 16:03]
.
2013-10-21 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2013-10-16 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2013-10-21 c:\windows\Tasks\User_Feed_Synchronization-{D00FDB6F-8963-405A-804E-BB510CC46110}.job
- c:\windows\system32\msfeedssync.exe [2012-09-18 02:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.bing.com/
uInternet Settings,ProxyOverride = *.local
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.23.1
FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - ExtSQL: 2013-09-19 18:53; {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}; c:\documents and settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-21 11:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,73,fc,14,5c,80,d8,45,a7,b0,41,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,73,fc,14,5c,80,d8,45,a7,b0,41,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'lsass.exe'(688)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(3992)
c:\windows\system32\msi.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Voltooingstijd: 2013-10-21 11:08:33
ComboFix-quarantined-files.txt 2013-10-21 09:08
.
Pre-Run: 16.400.355.328 bytes beschikbaar
Post-Run: 17.729.323.008 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - E087CD7B692414A7FE1AE6151756CC49
3051207086651214E435112E51817DC5



ComboFix 13-10-19.02 - Eigenaar 21-10-2013 10:52:12.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.503.334 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\21okt2013-9-ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-09-21 to 2013-10-21 ))))))))))))))))))))))))))))))
.
.
2013-10-16 16:07 . 2013-10-16 16:07 -------- d-----w- C:\FRST
2013-10-16 15:29 . 2013-10-16 15:29 -------- d-----w- c:\program files\Speccy
2013-10-16 14:19 . 2013-10-16 14:19 -------- d-----w- c:\windows\ERUNT
2013-10-16 13:57 . 2013-10-16 14:07 -------- d-----w- C:\AdwCleaner
2013-10-13 12:52 . 2013-10-13 12:52 -------- d-----w- c:\program files\VS Revo Group
2013-10-11 08:00 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-11 08:00 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2013-10-11 07:56 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2013-10-11 07:56 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2013-10-06 12:53 . 2013-06-09 19:59 216064 ----a-w- c:\windows\system32\gcapi_dll.dll
2013-10-06 11:16 . 2013-10-06 11:16 -------- d-----w- c:\program files\iPod
2013-10-06 11:15 . 2013-10-06 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-10-06 11:15 . 2013-10-06 11:18 -------- d-----w- c:\program files\iTunes
2013-09-24 12:34 . 2013-09-24 12:34 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\Samsung
2013-09-24 12:34 . 2013-09-24 12:34 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Samsung
2013-09-24 12:33 . 2008-04-14 21:32 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2013-09-24 12:31 . 2013-06-21 00:07 181912 ----a-w- c:\windows\system32\drivers\ssudserd.sys
2013-09-24 12:31 . 2013-06-21 00:07 181912 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-09-24 12:31 . 2013-06-21 00:07 84248 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-09-24 12:25 . 2013-04-18 17:08 4659712 ----a-w- c:\windows\system32\Redemption.dll
2013-09-24 12:24 . 2013-04-18 17:06 821824 ----a-w- c:\windows\system32\dgderapi.dll
2013-09-24 12:24 . 2013-04-18 17:06 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2013-09-24 12:24 . 2013-04-18 17:06 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2013-09-24 12:23 . 2013-09-24 12:29 -------- d-----w- c:\program files\Samsung
2013-09-24 12:23 . 2013-09-24 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Samsung
2013-09-24 12:22 . 2013-09-24 12:22 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\Downloaded Installations
2013-09-24 11:41 . 2013-08-09 00:55 32384 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-09-24 11:41 . 2013-08-09 00:55 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 08:34 . 2012-09-18 10:38 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-10 08:34 . 2012-02-15 15:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-23 18:25 . 2012-02-15 15:07 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2008-04-14 21:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2008-04-14 21:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2008-04-14 21:32 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:07 . 2012-02-15 15:06 385024 ----a-w- c:\windows\system32\html.iec
2013-09-19 16:49 . 2013-06-24 10:51 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-09-19 16:49 . 2013-06-24 10:51 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-09-19 13:14 . 2013-03-24 11:26 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-19 13:14 . 2013-03-24 11:26 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-08-29 07:01 . 2012-02-15 15:07 1878784 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56 . 2008-04-14 21:32 391168 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2012-02-15 15:06 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2004-08-04 12:00 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2012-02-15 15:06 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48 . 2012-02-15 15:07 1543680 ----a-w- c:\windows\system32\wmvdecod.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-12-09 . 9011D64E9090247C04EE767ED6C7B4BE . 739328 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
.
[-] 2012-02-15 . 660868E1371697C652CFC9C1CB98B371 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-07-18 578560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2002-12-13 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2002-12-13 114688]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-09-19 347192]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-10-01 152392]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2013-08-22 84576]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-09-19 295512]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2013.SP4\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2013.SP4\\RpcAgentSrv.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [24-3-2013 13:26 37352]
R2 AntiVirSchedulerService;Avira Planner;c:\program files\Avira\AntiVir Desktop\sched.exe [24-3-2013 13:26 84024]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [24-3-2013 13:26 815160]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [14-8-2013 15:19 39056]
R3 STAC97NA;SigmaTel 3D Environmental Audio;c:\windows\system32\drivers\stac97na.sys [7-7-2002 13:53 296179]
R3 STAC97NH;STAC97NH;c:\windows\system32\drivers\stac97nh.sys [7-7-2002 13:52 231983]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5-9-2013 10:34 171680]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2-6-2011 10:08 11336]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [24-9-2013 14:31 84248]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [24-6-2013 12:38 71832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [24-9-2013 14:31 181912]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudserd.sys [24-9-2013 14:31 181912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-20 09:12 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-18 08:34]
.
2013-07-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-24 16:03]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-24 16:03]
.
2013-10-21 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2013-10-16 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]
.
2013-10-21 c:\windows\Tasks\User_Feed_Synchronization-{D00FDB6F-8963-405A-804E-BB510CC46110}.job
- c:\windows\system32\msfeedssync.exe [2012-09-18 02:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.bing.com/
uInternet Settings,ProxyOverride = *.local
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.23.1
FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
FF - ExtSQL: 2013-09-19 18:53; {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}; c:\documents and settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-21 11:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,73,fc,14,5c,80,d8,45,a7,b0,41,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5b,73,fc,14,5c,80,d8,45,a7,b0,41,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'lsass.exe'(688)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(3992)
c:\windows\system32\msi.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Voltooingstijd: 2013-10-21 11:08:33
ComboFix-quarantined-files.txt 2013-10-21 09:08
.
Pre-Run: 16.400.355.328 bytes beschikbaar
Post-Run: 17.729.323.008 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - E087CD7B692414A7FE1AE6151756CC49
3051207086651214E435112E51817DC5




11:14:01.0071 0x0c68 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
11:14:08.0071 0x0c68 ============================================================
11:14:08.0071 0x0c68 Current date / time: 2013/10/21 11:14:08.0071
11:14:08.0071 0x0c68 SystemInfo:
11:14:08.0071 0x0c68
11:14:08.0071 0x0c68 OS Version: 5.1.2600 ServicePack: 3.0
11:14:08.0071 0x0c68 Product type: Workstation
11:14:08.0071 0x0c68 ComputerName: EIGENAAR-PC
11:14:08.0071 0x0c68 UserName: Eigenaar
11:14:08.0071 0x0c68 Windows directory: C:\WINDOWS
11:14:08.0071 0x0c68 System windows directory: C:\WINDOWS
11:14:08.0071 0x0c68 Processor architecture: Intel x86
11:14:08.0071 0x0c68 Number of processors: 1
11:14:08.0071 0x0c68 Page size: 0x1000
11:14:08.0071 0x0c68 Boot type: Normal boot
11:14:08.0071 0x0c68 ============================================================
11:14:12.0321 0x0c68 System UUID: {77951915-F645-20AC-BC98-643446366373}
11:14:13.0243 0x0c68 Drive \Device\Harddisk0\DR0 - Size: 0x9924A7E00 (38.29 Gb), SectorSize: 0x200, Cylinders: 0x1385, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:14:13.0258 0x0c68 Drive \Device\Harddisk1\DR1 - Size: 0x9924A7E00 (38.29 Gb), SectorSize: 0x200, Cylinders: 0x1385, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:14:13.0258 0x0c68 ============================================================
11:14:13.0258 0x0c68 \Device\Harddisk0\DR0:
11:14:13.0258 0x0c68 MBR partitions:
11:14:13.0258 0x0c68 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4C8ED06
11:14:13.0258 0x0c68 \Device\Harddisk1\DR1:
11:14:13.0258 0x0c68 MBR partitions:
11:14:13.0258 0x0c68 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4C8ED06
11:14:13.0258 0x0c68 ============================================================
11:14:13.0290 0x0c68 C: <-> \Device\Harddisk0\DR0\Partition1
11:14:13.0305 0x0c68 D: <-> \Device\Harddisk1\DR1\Partition1
11:14:13.0305 0x0c68 ============================================================
11:14:13.0305 0x0c68 Initialize success
11:14:13.0305 0x0c68 ============================================================
11:14:20.0211 0x0950 ============================================================
11:14:20.0211 0x0950 Scan started
11:14:20.0211 0x0950 Mode: Manual;
11:14:20.0211 0x0950 ============================================================
11:14:20.0211 0x0950 KSN ping started
11:14:23.0211 0x0950 KSN ping finished: true
11:14:24.0024 0x0950 ================ Scan system memory ========================
11:14:24.0024 0x0950 System memory - ok
11:14:24.0040 0x0950 ================ Scan services =============================
11:14:24.0336 0x0950 Abiosdsk - ok
11:14:24.0430 0x0950 [ 02273A448BA21A7D447DAEB47810D40C, 1CB409BE2648ECA04A128230C6DADEA3ADA0720E24BA3BA9267D09751972E519 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:14:24.0430 0x0950 ACPI - ok
11:14:24.0618 0x0950 [ 63F517B1A87DABF3F5ACB8A7952FC1D1, 9A08759B9E02509D47FDCEF47C3B8E9081E687D7931D56672A6285E8C3520185 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:14:24.0618 0x0950 ACPIEC - ok
11:14:24.0727 0x0950 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:14:24.0743 0x0950 AdobeFlashPlayerUpdateSvc - ok
11:14:24.0821 0x0950 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:14:24.0821 0x0950 aec - ok
11:14:24.0899 0x0950 [ F6B7B1ECD7B41736BDB6FF4B092BCB79, B892C7303E08238C025409D602CB2F58D273B19B81CF04E26EA52A27EE7706DB ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:14:24.0899 0x0950 AFD - ok
11:14:24.0946 0x0950 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49, ED4EE32A51C7650FB20D10765ADB01B8743228B6BC712D4509571947BAC3AC58 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:14:24.0946 0x0950 Alerter - ok
11:14:24.0993 0x0950 [ DAB2A89FDE5CF791161200D90C1BCB12, 7F14CE7C85CDD5944134CC97A9B3AA0E7A0724D6D7A3DB3E0F68A4E9A1FE1446 ] ALG C:\WINDOWS\System32\alg.exe
11:14:24.0993 0x0950 ALG - ok
11:14:25.0024 0x0950 AliIde - ok
11:14:25.0180 0x0950 [ 27C31F89693EFA9BAEFA0F1A38538BA5, 6DF0497A3A3508B513F02349D345C90D03ECE98FCD6E484E17F15043AFFF2D10 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
11:14:25.0180 0x0950 AntiVirSchedulerService - ok
11:14:25.0243 0x0950 [ A6E8FEE22D8A9162D1A93EB90407DC82, 370CC9405E11D4777ACFE9B44A983F96C59A0D8946E17C0D10AEA5F2A57AB441 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
11:14:25.0243 0x0950 AntiVirService - ok
11:14:25.0352 0x0950 [ 404BB7290836DBD9A3BD3ACD6145FF34, 23CA441A096666183337B2A4828A0C0C59F95D8E2DBF99F75FECBCA7D00356B0 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
11:14:25.0383 0x0950 AntiVirWebService - ok
11:14:25.0524 0x0950 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:14:25.0524 0x0950 Apple Mobile Device - ok
11:14:25.0555 0x0950 AppMgmt - ok
11:14:25.0711 0x0950 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:14:25.0711 0x0950 aspnet_state - ok
11:14:25.0774 0x0950 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:14:25.0774 0x0950 AsyncMac - ok
11:14:25.0836 0x0950 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:14:25.0836 0x0950 atapi - ok
11:14:25.0852 0x0950 Atdisk - ok
11:14:25.0883 0x0950 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:14:25.0883 0x0950 Atmarpc - ok
11:14:25.0915 0x0950 [ F10745ED3195360E69AA4A6E7768C0E0, 0D8F285AA9AAB23EBF6BFCCDD631134BBFC479790984B8A728D3B1C988AD3F15 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:14:25.0915 0x0950 AudioSrv - ok
11:14:25.0977 0x0950 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:14:25.0977 0x0950 audstub - ok
11:14:26.0055 0x0950 [ 40A34E457431625086F7E161E59A0528, ACB271F16F457173590E0563BEC6EE88A1154E8D369BB18C94D01AF492B99CC5 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
11:14:26.0055 0x0950 avgntflt - ok
11:14:26.0102 0x0950 [ F260F2EE3D21D00BEC0B08068E27BADB, 5E7BC4E54013AFB57FFF8B002B16CE7DC3F2CAB090D72D0C8EB6A403853AD180 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
11:14:26.0102 0x0950 avipbb - ok
11:14:26.0133 0x0950 [ CB8741CD7B126499FED40C9B197F6AC5, F682820A20CED26CD2E6A2531C721DB8985BCC1A03582BC54A706E9AA1A8B615 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
11:14:26.0133 0x0950 avkmgr - ok
11:14:26.0196 0x0950 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:14:26.0211 0x0950 Beep - ok
11:14:26.0290 0x0950 [ 5C0073A51C4873430FA8B262E92183FF, DE035B8F5BDCA347CBB753FE5B731CE41D4C1C49E7091BD90548B8A9C0A1D073 ] BITS C:\WINDOWS\system32\qmgr.dll
11:14:26.0305 0x0950 BITS - ok
11:14:26.0446 0x0950 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:14:26.0461 0x0950 Bonjour Service - ok
11:14:26.0555 0x0950 [ 307DC67231986A9552FA515F1233C1AB, 66B80F1AB210313607829DDB04A0B30EF91159CB0BD50E81ED26C0A5CB22E38C ] Browser C:\WINDOWS\System32\browser.dll
11:14:26.0555 0x0950 Browser - ok
11:14:26.0727 0x0950 catchme - ok
11:14:26.0774 0x0950 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:14:26.0774 0x0950 Cdaudio - ok
11:14:26.0836 0x0950 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:14:26.0852 0x0950 Cdfs - ok
11:14:26.0915 0x0950 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:14:26.0930 0x0950 Cdrom - ok
11:14:26.0946 0x0950 Changer - ok
11:14:26.0977 0x0950 [ BD85400700B80FBE3D4A3412BCE74861, 78419D94EEDD5C6C82A09425DADA30347D47897D40090E65970DB54F106E014F ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:14:26.0977 0x0950 CiSvc - ok
11:14:27.0008 0x0950 [ 4FB6108130829666C8FE96B442FEAD94, 9811037E2A195C05B442F928C4E95FDD1AF249461527269ED8508116A18DBF28 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:14:27.0024 0x0950 ClipSrv - ok
11:14:27.0102 0x0950 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:14:27.0102 0x0950 clr_optimization_v2.0.50727_32 - ok
11:14:27.0211 0x0950 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:14:27.0227 0x0950 clr_optimization_v4.0.30319_32 - ok
11:14:27.0243 0x0950 CmdIde - ok
11:14:27.0258 0x0950 COMSysApp - ok
11:14:27.0321 0x0950 [ D01F685F8B4598D144B0CCE9FF95D8D5, A68EF814CDBD7291DEF4745FE14D5080041BD3275AB12629C7811506AF2B8E17 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
11:14:27.0321 0x0950 cpudrv - ok
11:14:27.0368 0x0950 [ 0A9CF5D3CF63A8699F28C814EF821C7E, D6F09CABB25E557023312EE9921CCC35096B7B36C6A95A520D7514C33F70FCB2 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:14:27.0368 0x0950 CryptSvc - ok
11:14:27.0461 0x0950 [ D8D28F6CABEC7D42B8E487E290563B9A, 620FC20797581CDF4BF3ADF6D13F0904F4EA4C118510815F740E0B6E3ED6FE93 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:14:27.0477 0x0950 DcomLaunch - ok
11:14:27.0540 0x0950 [ 54D0B8343CE8C22412A5F29D32EFD211, D78BF09680FF19523C84E862593B45637D91A079C79CAB63A13726E7ACA8ABBF ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:14:27.0555 0x0950 dg_ssudbus - ok
11:14:27.0618 0x0950 [ 99F2C23ED213C7E0C10A778CB8E98C3B, 4EA22C7660860618FD84811F406FA044B8781D120546E4452CC6BF1B846D6699 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:14:27.0618 0x0950 Dhcp - ok
11:14:27.0649 0x0950 [ 47B6AAEC570F2C11D8BAD80A064D8ED1, 83AAFD7D2E44BAD967430AF72ABEC3E8F2985BAF71D06ADFC2B92EC4CD644012 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:14:27.0649 0x0950 Disk - ok
11:14:27.0680 0x0950 dmadmin - ok
11:14:27.0758 0x0950 [ DEC123E0C75971D0CC7A6C6A75E28429, 7520BD43B0CCCC2F17A9BC7E5330341283BAF6DD10828B1CEBD8634C8EBFAA4F ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:14:27.0790 0x0950 dmboot - ok
11:14:27.0836 0x0950 [ 7268E66259722F6228C730685B201092, 3B8A38FA33D7C7A523490639B35CF165D512DB6BA64E5F606A54E2C2F12FD121 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:14:27.0836 0x0950 dmio - ok
11:14:27.0883 0x0950 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:14:27.0883 0x0950 dmload - ok
11:14:27.0915 0x0950 [ 127DB74184E2D3D31655DA525A5EFDE1, 9A632E97AE3C6CD05E36640DFE23420CA1164B5D33E2D849E31CB7BEF104C44C ] dmserver C:\WINDOWS\System32\dmserver.dll
11:14:27.0915 0x0950 dmserver - ok
11:14:27.0961 0x0950 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:14:27.0961 0x0950 DMusic - ok
11:14:27.0993 0x0950 [ F41AE23847F084F92E283D86C2A9EFCC, 79813051F215CDE3761FFA039771EA52E9178B2C336BCBF057C0A989492CAB7E ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:14:27.0993 0x0950 Dnscache - ok
11:14:28.0040 0x0950 [ 90EE765E1A598B578852901F74F914F1, 6A262A9234E1E9A19AF948A5E362F4B43CBC6EF2CCE796D4602D303A519CD545 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:14:28.0040 0x0950 Dot3svc - ok
11:14:28.0086 0x0950 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:14:28.0086 0x0950 drmkaud - ok
11:14:28.0149 0x0950 [ FE9CB643A034285031502D3369E5A869, 999704A1BDDD391F928901DCE970C48CE5101DA2D9EDFF7EA6DB29A558DEE723 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:14:28.0149 0x0950 E100B - ok
11:14:28.0211 0x0950 [ E6BBDEBF7081899D161C773E8D84D015, BD0059A3B9A154F2140F35CBF7402F8BB62260087917DA9DE817DEC161D73B8C ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:14:28.0211 0x0950 EapHost - ok
11:14:28.0243 0x0950 [ 2F5C7F650B7AF178988946EE4B0D9C01, 3FF2BAAB10A26A3E7A8DA28BE4689623E603403E4B11191BC66E9E4BA8E3988A ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:14:28.0243 0x0950 ERSvc - ok
11:14:28.0305 0x0950 [ D98A222A707FFE40043E533FE7A6BA24, D5609A1744061C1943F4ACEAD0278706FF6CF3D16AB206A38B0FC9B86B1387C2 ] Eventlog C:\WINDOWS\system32\services.exe
11:14:28.0321 0x0950 Eventlog - ok
11:14:28.0352 0x0950 [ F6C37073A269C163A5FDAE5BFF47F367, DA88F3336EEF727330B394AF3F039CC906783F00CA51B791CE99DDAC1D0F31F3 ] EventSystem C:\WINDOWS\system32\es.dll
11:14:28.0352 0x0950 EventSystem - ok
11:14:28.0399 0x0950 [ 4D893323DAE445E34A4C9038B0551BC9, 39EE6D1EA496568368F7E8167EFE444CAEDD34A760EC9107EC383D8D17485EFD ] exFat C:\WINDOWS\system32\drivers\exFat.sys
11:14:28.0415 0x0950 exFat - ok
11:14:28.0477 0x0950 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:14:28.0477 0x0950 Fastfat - ok
11:14:28.0555 0x0950 [ C28A9E9D28ACDAF8097BE4578C49559B, 6FAEEC5F6A2484052EB8DA537F0BA842A7D600AE654A55A8142CD6B7C50C97D1 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:14:28.0571 0x0950 FastUserSwitchingCompatibility - ok
11:14:28.0602 0x0950 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:14:28.0602 0x0950 Fdc - ok
11:14:28.0649 0x0950 [ 8BFFFB5AC954E19DFDB96D56512AA518, D4C2502B8B6A1B79711B817AEB671CBA23FBF8CE77743BD892ABFEB7201963D7 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:14:28.0665 0x0950 Fips - ok
11:14:28.0680 0x0950 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:14:28.0680 0x0950 Flpydisk - ok
11:14:28.0758 0x0950 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:14:28.0758 0x0950 FltMgr - ok
11:14:28.0868 0x0950 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:14:28.0883 0x0950 FontCache3.0.0.0 - ok
11:14:28.0930 0x0950 [ 30D42943A54704EF13E2562911DBFCEA, 6E0904E60A2F8B62BD34E5EDA2DA2240DFBCE1288C58CB4D819F0025ECF76763 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:14:28.0930 0x0950 Fs_Rec - ok
11:14:28.0961 0x0950 [ FA8CA22E70245C81FF29C36AF56292FC, 29BE006A4F5B125D1D3A556199690CCF0B537917DD004033659141E72CF3AD49 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:14:28.0977 0x0950 Ftdisk - ok
11:14:29.0040 0x0950 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:14:29.0040 0x0950 GEARAspiWDM - ok
11:14:29.0102 0x0950 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:14:29.0102 0x0950 Gpc - ok
11:14:29.0211 0x0950 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:14:29.0227 0x0950 gupdate - ok
11:14:29.0243 0x0950 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:14:29.0258 0x0950 gupdatem - ok
11:14:29.0352 0x0950 [ 5327BAD9B35C33D2A64B64E4CF282ECD, 766F9BDE4CAAA058F023C35605E3BD0C267F5D1B6A98A0809F33D89708BA9506 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:14:29.0352 0x0950 helpsvc - ok
11:14:29.0368 0x0950 HidServ - ok
11:14:29.0430 0x0950 [ 1FF903FFA2DA1704E5A5443D37D8E49E, AB8B43B8869A3CDDA6931BB670CC8D38B89F95B29F39A5DE92DC7BF75D7891CA ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:14:29.0430 0x0950 hkmsvc - ok
11:14:29.0555 0x0950 [ 937031C085718C1C04A9C0864625EC6B, B812A70063750090202D646F466BD7F0377413F74AD109F8097CB2A1FB42466B ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:14:29.0555 0x0950 HTTP - ok
11:14:29.0618 0x0950 [ 2529C7BA05242BEED0027F554D0513BB, 5110D3D7A604B1F9606C6E1A6029263943B005E0BFEEC49EFB9E7D31A83B2744 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:14:29.0618 0x0950 HTTPFilter - ok
11:14:29.0680 0x0950 [ C43372D0682F8E32E4EC21117E089EC0, 06C546CA6D75D5C660941957163DF1F2109DFDF8F26C3DCE70DAEFF985ABCF97 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:14:29.0680 0x0950 i8042prt - ok
11:14:29.0743 0x0950 [ B652FB9DF6345131112BA9351C875B6F, 849ABEAB7FBCBB203D35C36BBAAAE8B7E237E1AF0FED7F08F262C2B3BAA8330D ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:14:29.0743 0x0950 ialm - ok
11:14:29.0868 0x0950 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:14:29.0899 0x0950 idsvc - ok
11:14:29.0961 0x0950 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:14:29.0961 0x0950 Imapi - ok
11:14:29.0993 0x0950 [ A117772F94C854DE5D1BBC1F1962B192, 420FB45771FF2E068A9D28B290117E94741D8323F90156B5E3E17C1C35AD05F4 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:14:30.0008 0x0950 ImapiService - ok
11:14:30.0102 0x0950 [ 72C63AD984D427D34BD5B9DB838D88EB, 01EC4AB4E705B7DE34CDA438FBA6268FC261F1D87E749D1C300841FD9CB0F3E0 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:14:30.0102 0x0950 IntelIde - ok
11:14:30.0149 0x0950 [ 2D2254FAC267E6B1C7865E8EBEF60C6D, 0037A5673E8F1CED478BA23BF3C90B08DBCF2FCC291558D2487FF373F5A00B8F ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:14:30.0149 0x0950 intelppm - ok
11:14:30.0196 0x0950 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:14:30.0196 0x0950 Ip6Fw - ok
11:14:30.0258 0x0950 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:14:30.0258 0x0950 IpFilterDriver - ok
11:14:30.0274 0x0950 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:14:30.0274 0x0950 IpInIp - ok
11:14:30.0336 0x0950 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:14:30.0336 0x0950 IpNat - ok
11:14:30.0430 0x0950 [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:14:30.0446 0x0950 iPod Service - ok
11:14:30.0508 0x0950 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:14:30.0508 0x0950 IPSec - ok
11:14:30.0571 0x0950 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:14:30.0571 0x0950 IRENUM - ok
11:14:30.0649 0x0950 [ 0B78E1A31340E1FB1E389D5633F7C3A0, A6BCA5940E5F89602BBB127481CF48E39E7834375D13947A047336E136ADFDA7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:14:30.0649 0x0950 isapnp - ok
11:14:30.0711 0x0950 [ 380397621E94B32C744E7B2CC1330390, 6215E8F881642E798D6F2ABC01605D78696B1AA0D3A50C243BB061BFF9AC7BC3 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:14:30.0711 0x0950 Kbdclass - ok
11:14:30.0743 0x0950 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:14:30.0758 0x0950 kmixer - ok
11:14:30.0821 0x0950 [ C6EBF1D6AD71DF30DB49B8D3287E1368, 09A8F5BCE774BA8881195AB390692048C3B05EDC8C0BF3ACBC673FD391A29D72 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:14:30.0821 0x0950 KSecDD - ok
11:14:30.0883 0x0950 [ AB3C73CFC4D21540C51671EDF6E2C989, EA2B83DA23AC3169DA3682AA45E9A215AEDBF9C24A908C1A3BC24DAA16042174 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
11:14:30.0899 0x0950 LanmanServer - ok
11:14:30.0961 0x0950 [ F2BB3D20CD27EE6ED1FD5954DE629441, 2D72EB11E82281806AA0592A6A93C8448401B56A1D7EA2882CE697734A19B02B ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:14:30.0977 0x0950 lanmanworkstation - ok
11:14:30.0993 0x0950 lbrtfdc - ok
11:14:31.0086 0x0950 [ 91AE20C5C2776C511994AA1308C05283, BF085E2F5974404336475CC2E159F4524015AA01B0C76C176AC398DD30AD90A6 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:14:31.0086 0x0950 LmHosts - ok
11:14:31.0133 0x0950 [ C56A45A03DCA11712DE9FDF98224230B, A1D1F5B12736A9A4300E554930FC11DAFFD901C8ACFC0994BA6FF4A304BCF2CA ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:14:31.0133 0x0950 Messenger - ok
11:14:31.0180 0x0950 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:14:31.0180 0x0950 mnmdd - ok
11:14:31.0227 0x0950 [ 5B1D994DCF1895AFA27600E46A2F0FEA, C43E8CEC5865C0EC4BD4E48980C85D6BA7E80A9F702B6E559FE4DCCC16F655C3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:14:31.0227 0x0950 mnmsrvc - ok
11:14:31.0290 0x0950 [ 8114EEAC353F549331AB73E9AF4219ED, 60B2FC56A2CF6335CFAA62154743863716CBAFEF38A716C755FAC74790C22C56 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:14:31.0290 0x0950 Modem - ok
11:14:31.0336 0x0950 [ 1A4E2214DD63E4A876463D3427EE8261, E3C137E1A05F46170538D1A2FC23F146A75FA556ADCC1CD48CE6FE412B41DBC5 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:14:31.0336 0x0950 Mouclass - ok
11:14:31.0368 0x0950 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:14:31.0368 0x0950 MountMgr - ok
11:14:31.0446 0x0950 [ 3121304FEBE28A90AF199DBF1AFD4518, 95B5188B71ADB8934183828C2AEEF16620CB5C97C7141DF4A7140D72B79210D9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:14:31.0446 0x0950 MozillaMaintenance - ok
11:14:31.0508 0x0950 [ 4FEFD389D71126EE581B9F9CB2918BE4, 64C527DEFF0F8B6CB0318B14BC7F34F8221D8FF6D5A128F9C2C4779537245F7B ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:14:31.0508 0x0950 MRxDAV - ok
11:14:31.0602 0x0950 [ FB2FCCC70F7174C7BF64F48E96D3ADF4, 484B4DF0A500CAE8AFA4F3A6393615A3963D91C95939025DF1A172C9A67D951D ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:14:31.0618 0x0950 MRxSmb - ok
11:14:31.0680 0x0950 [ 21EA21984D7D1AD50DB2E627020AB14C, 5F0BA1973B30CCEE1FED562BA47B2F5E03A7F0EDB1A24200F2B14FE562D021A3 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:14:31.0680 0x0950 MSDTC - ok
11:14:31.0774 0x0950 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:14:31.0774 0x0950 Msfs - ok
11:14:31.0790 0x0950 MSIServer - ok
11:14:31.0852 0x0950 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:14:31.0852 0x0950 MSKSSRV - ok
11:14:31.0899 0x0950 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:14:31.0899 0x0950 MSPCLOCK - ok
11:14:31.0930 0x0950 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:14:31.0930 0x0950 MSPQM - ok
11:14:31.0993 0x0950 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:14:31.0993 0x0950 mssmbios - ok
11:14:32.0040 0x0950 [ F7B1AD991491F02AF6DA70B00B8BF114, 4EF6B2FF3138CB461D631EB9395C52DE4075B58E8A3C13847A3AFF591536CA72 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:14:32.0040 0x0950 Mup - ok
11:14:32.0118 0x0950 [ 87E394C810794D3C70CF22E8316CB23E, D8CDEB692AA52FC647059F268E075092A213DC1AE70F406589728EF9C7BD28D8 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:14:32.0133 0x0950 napagent - ok
11:14:32.0196 0x0950 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:14:32.0211 0x0950 NDIS - ok
11:14:32.0243 0x0950 [ 091735A5F20ACB1DC147383A905AE002, 71F5EA1B762B304AE46284F80F9AABF5EAB890C9CC5F257AC84D3ABF4268B3D3 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:14:32.0243 0x0950 NdisTapi - ok
11:14:32.0258 0x0950 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:14:32.0274 0x0950 Ndisuio - ok
11:14:32.0290 0x0950 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:14:32.0290 0x0950 NdisWan - ok
11:14:32.0321 0x0950 [ 816460BD4B4ACD27937D1D0813E2E9E9, 71574BC38CF392E8BB158C6B61430F0472DF1926BF71481D72E380D1D7B94B64 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:14:32.0321 0x0950 NDProxy - ok
11:14:32.0368 0x0950 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:14:32.0368 0x0950 NetBIOS - ok
11:14:32.0415 0x0950 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:14:32.0415 0x0950 NetBT - ok
11:14:32.0461 0x0950 [ DC6BAE085E9B3C2F3A963ED46791FEAB, BC9B8C4C3E9EB70C8A15125ACE8A0CE9B8455337334860BB02815AE8A4669469 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:14:32.0477 0x0950 NetDDE - ok
11:14:32.0493 0x0950 [ DC6BAE085E9B3C2F3A963ED46791FEAB, BC9B8C4C3E9EB70C8A15125ACE8A0CE9B8455337334860BB02815AE8A4669469 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:14:32.0508 0x0950 NetDDEdsdm - ok
11:14:32.0555 0x0950 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:14:32.0555 0x0950 Netlogon - ok
11:14:32.0649 0x0950 [ 5431FB616ECAE0D587C5B97D0B86CBD8, 81B79A2C37118794C8D466084287F4DB7216A1BDD9D65901B3C5E9EA91A134EB ] Netman C:\WINDOWS\System32\netman.dll
11:14:32.0649 0x0950 Netman - ok
11:14:32.0727 0x0950 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:14:32.0727 0x0950 NetTcpPortSharing - ok
11:14:32.0805 0x0950 [ 18740E8EC5BE4B6D66FA0E4CBFD3B9C6, 073952B1668964BE9ADE6BC2BDFBF30C847038BB9DA1BC031B0B6E7728E53440 ] Nla C:\WINDOWS\System32\mswsock.dll
11:14:32.0821 0x0950 Nla - ok
11:14:32.0852 0x0950 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:14:32.0852 0x0950 Npfs - ok
11:14:32.0946 0x0950 [ A0857C97770034FD2AF17DC4014B5ABD, 3A325399DD8A384F1EEB2340FB5CA54FCE7360C9A02E8ADB6DE2EF3CFD805A92 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:14:32.0977 0x0950 Ntfs - ok
11:14:33.0008 0x0950 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:14:33.0008 0x0950 NtLmSsp - ok
11:14:33.0086 0x0950 [ AC1A78237B53044735693633F8235468, 9F5168E92C4897DD0F6744653FB22DEDC8EC83ACE32F3C50D20CF114FA992E01 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:14:33.0102 0x0950 NtmsSvc - ok
11:14:33.0149 0x0950 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
11:14:33.0149 0x0950 Null - ok
11:14:33.0196 0x0950 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:14:33.0196 0x0950 NwlnkFlt - ok
11:14:33.0196 0x0950 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:14:33.0211 0x0950 NwlnkFwd - ok
11:14:33.0258 0x0950 [ E3934CCC20A4D24F1924E13D36D2A5BD, 6681AB6061A5DD28C0DFDDBBF5967A936E67765DD5A77B3F109FE07C6AF5E186 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:14:33.0274 0x0950 Parport - ok
11:14:33.0290 0x0950 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:14:33.0290 0x0950 PartMgr - ok
11:14:33.0336 0x0950 [ 1EADE28746A64C21E0A808BB12A63326, 88A2E7101B9582DCCF310F128536C24856727A0DE3E5D4D7404CBE79BCC36CF9 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:14:33.0336 0x0950 ParVdm - ok
11:14:33.0383 0x0950 [ 3B166F9F753C21AEDAA9A6BD76B49655, DD6F13D856890D9CAD83C21BA5C7EEC0D8FBA2EE3678C5F07FE15DDDD5EA4926 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:14:33.0399 0x0950 PCI - ok
11:14:33.0415 0x0950 PCIDump - ok
11:14:33.0430 0x0950 [ B31EDEBA4DA28283F6B8DC4756FB9585, 3B296A4A5DFD6A11D6A99A96D84E0DDEA4737C4B09595B82D256CAB4EC1BFC1B ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:14:33.0430 0x0950 PCIIde - ok
11:14:33.0477 0x0950 [ 2137FFD65F8E609A3A5ACD487C56CCE0, D754BED7C3B13662AC95BE0F234AFB6565BC7EC69DFECF03DA65469DBA974D2D ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:14:33.0493 0x0950 Pcmcia - ok
11:14:33.0508 0x0950 PDCOMP - ok
11:14:33.0540 0x0950 PDFRAME - ok
11:14:33.0555 0x0950 PDRELI - ok
11:14:33.0571 0x0950 PDRFRAME - ok
11:14:33.0665 0x0950 [ D98A222A707FFE40043E533FE7A6BA24, D5609A1744061C1943F4ACEAD0278706FF6CF3D16AB206A38B0FC9B86B1387C2 ] PlugPlay C:\WINDOWS\system32\services.exe
11:14:33.0665 0x0950 PlugPlay - ok
11:14:33.0680 0x0950 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:14:33.0696 0x0950 PolicyAgent - ok
11:14:33.0711 0x0950 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:14:33.0711 0x0950 PptpMiniport - ok
11:14:33.0743 0x0950 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:14:33.0743 0x0950 ProtectedStorage - ok
11:14:33.0758 0x0950 [ D8E11D311785F89F1D70A28B0E879127, 8DC3BB4C2238960A47D601CC0B6E2D07EE6C8B5D3852A9908803F89B01F715FB ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:14:33.0774 0x0950 PSched - ok
11:14:33.0821 0x0950 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:14:33.0821 0x0950 Ptilink - ok
11:14:33.0883 0x0950 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:14:33.0883 0x0950 PxHelp20 - ok
11:14:33.0899 0x0950 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:14:33.0899 0x0950 RasAcd - ok
11:14:33.0961 0x0950 [ 0575D034B1292CA3A9BB9F67A8EE289C, 85F9964CEC39F4FFA704C995ECB18995A20FDFB110841867486F9EF3164A8775 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:14:33.0977 0x0950 RasAuto - ok
11:14:34.0024 0x0950 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:14:34.0024 0x0950 Rasl2tp - ok
11:14:34.0071 0x0950 [ 9E7E2DF6971A5F00102BE3F901CC3BDC, AFD5ECDAF59228A2F51E8F195F4E96C7C1D26740DA7EA4B1F6E491C16EF8B34B ] RasMan C:\WINDOWS\System32\rasmans.dll
11:14:34.0086 0x0950 RasMan - ok
11:14:34.0118 0x0950 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:14:34.0118 0x0950 RasPppoe - ok
11:14:34.0165 0x0950 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:14:34.0165 0x0950 Raspti - ok
11:14:34.0227 0x0950 [ 9629383F70DB691CB6AA5BBD828CD9A9, 972D3355CE74DFBD9B0C8749EE5B456CBDB1EC5D625858A602AED798E0C8D358 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:14:34.0227 0x0950 Rdbss - ok
11:14:34.0290 0x0950 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:14:34.0290 0x0950 RDPCDD - ok
11:14:34.0415 0x0950 [ C7D9BC54354B8C706ABF172D48313F1B, 48065B6914F29AAA3010CCBC78A3ED4ADC25C98D2E6778559DCCF986FA36E21E ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:14:34.0415 0x0950 RDPWD - ok
11:14:34.0477 0x0950 [ EA9FDF71D696B532BDC44C8BFF03A737, 2D2FFC96F2A88327142EF817AA8D7F62DD9E94555E82292D8933786AF332FA33 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:14:34.0477 0x0950 RDSessMgr - ok
11:14:34.0586 0x0950 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
11:14:34.0586 0x0950 RealNetworks Downloader Resolver Service - ok
11:14:34.0649 0x0950 [ 4173BC66E485FD77A03C4819F60BD0DA, FDC4C5ACA5305CCDB1B665D1711A57BB16A9B373913E4B36F32AA159A0A069E3 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:14:34.0649 0x0950 redbook - ok
11:14:34.0680 0x0950 [ 4007ABF5D9BF0E55451D775443D1F985, EC3BCFCC9629BC6E809A025A0589F2FD96F628CD6B4ED7AC8A1A007832D418DD ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:14:34.0696 0x0950 RemoteAccess - ok
11:14:34.0743 0x0950 [ BE078F8F7EC2491EFDD79A53353A060F, AC4630E5AC360D0A5C7EE92AA1FEE2F91F5B4FC59CF1F96F03F6EF09D65C9623 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:14:34.0758 0x0950 RpcLocator - ok
11:14:34.0805 0x0950 [ D8D28F6CABEC7D42B8E487E290563B9A, 620FC20797581CDF4BF3ADF6D13F0904F4EA4C118510815F740E0B6E3ED6FE93 ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:14:34.0821 0x0950 RpcSs - ok
11:14:34.0899 0x0950 [ 743D7D59767073A617B1DCC6C546F234, DE08EEC475F97F616BACF125B441B3542CEA3B017E2E98D94BE9FB1E13D13C99 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
11:14:34.0915 0x0950 rspndr - ok
11:14:34.0977 0x0950 [ AD1B5F1B99FFF08C99F443D784711A81, 1BE13FE1E1E45F6D3C4E73BB85D7DD509BCA384B36FC07498A0C5F4BD93B8B20 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:14:34.0977 0x0950 RSVP - ok
11:14:35.0008 0x0950 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] SamSs C:\WINDOWS\system32\lsass.exe
11:14:35.0008 0x0950 SamSs - ok
11:14:35.0165 0x0950 [ 230FD3749904CA045EA5EC0AA14006E9, D7C79238F862B471740AFF4CC3982658D1339795E9EC884A8921EFE2E547D7C3 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\Sandra.sys
11:14:35.0165 0x0950 SANDRA - ok
11:14:35.0227 0x0950 [ CD23C3C62D0C20CC272BD421F2A3D002, 6A5982B385335850AF558EB7F1C9A6F66C7F1981BE5B1D27B9B579C87E16FA65 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe
11:14:35.0243 0x0950 SandraAgentSrv - ok
11:14:35.0305 0x0950 [ 1B4CD62174E907C7EF8EC5D4D0A2A616, 9BC82E5FB7A1604CE6FB7DBFF8AF58ABDCD7A8AE01EC62CBAC9996D838CC36AB ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:14:35.0305 0x0950 SCardSvr - ok
11:14:35.0383 0x0950 [ 7C288AE0F75CB18CFF1DF6179A67AD8F, D4B7A1B7BD5B239A7B1E6AF1AA28116FB337765EACEA5357A0EF76AAC53216E1 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:14:35.0399 0x0950 Schedule - ok
11:14:35.0446 0x0950 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:14:35.0446 0x0950 Secdrv - ok
11:14:35.0477 0x0950 [ 6983665BEA867125B1DA5757CD8B2F9D, EDAE386791F5B390EB1705ED0EE7F67259BC6C0EC8785C0E1161E7C0984EDE64 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:14:35.0493 0x0950 seclogon - ok
11:14:35.0508 0x0950 [ F6EC8F1E50E40237BDDEE1CB7FE20B42, 9DAD21F8B052F189F411DB5BD3DE19E3788D5D4ACEF320AC7E188A7A48A77FCA ] SENS C:\WINDOWS\system32\sens.dll
11:14:35.0524 0x0950 SENS - ok
11:14:35.0571 0x0950 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:14:35.0571 0x0950 Serenum - ok
11:14:35.0602 0x0950 [ 92C21762653BB2CE51147EB8A9AA654F, F8B7C7053D66C3ED8F891F5CEF1D8B208A95805CD74CFD1740B4A2F794808B1D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:14:35.0602 0x0950 Serial - ok
11:14:35.0711 0x0950 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:14:35.0711 0x0950 Sfloppy - ok
11:14:35.0790 0x0950 [ FB728CFE87FF4A3ABA0AA526B553D877, A1ABDAC01307C459198E409A3DBB4D918A9CBD746CF8FD5C22E48EEBE0E436F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:14:35.0805 0x0950 SharedAccess - ok
11:14:35.0836 0x0950 [ C28A9E9D28ACDAF8097BE4578C49559B, 6FAEEC5F6A2484052EB8DA537F0BA842A7D600AE654A55A8142CD6B7C50C97D1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:14:35.0852 0x0950 ShellHWDetection - ok
11:14:35.0868 0x0950 Simbad - ok
11:14:35.0946 0x0950 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:14:35.0961 0x0950 SkypeUpdate - ok
11:14:36.0024 0x0950 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:14:36.0040 0x0950 splitter - ok
11:14:36.0086 0x0950 [ 258DD5D4283FD9F9A7166BE9AE45CE73, 05369C6943ADFF081B06400ADC4D26FEC81972B53F11AD079F51412AD07C2978 ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:14:36.0102 0x0950 Spooler - ok
11:14:36.0165 0x0950 [ 64D2A7640E0767ECD3BCB38D3200E7CE, B1F5662A2A4F0587CBD5058358B3C0E30E258C995FB2E902165FAB76571E66C9 ] Sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:14:36.0165 0x0950 Sr - ok
11:14:36.0211 0x0950 [ 81CBF363C414620CAA61BD6843D8FDB9, AA1552BF9D7B21DB7B1D9AF9D53FE1DC90150F03035F21999715F95BE0E2EE6A ] srservice C:\WINDOWS\system32\srsvc.dll
11:14:36.0227 0x0950 srservice - ok
11:14:36.0274 0x0950 [ 9B390283569EA58D43D2586032B892F5, FADC0AD9D8F715290F02A6A59B284A6AD53C5BD13933B1D3ECC03C558C9D5885 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:14:36.0290 0x0950 Srv - ok
11:14:36.0352 0x0950 [ 5B9D0DE64BE96A806819516440FD211C, 5C632D05A83F8C4BCD3E412F4ECDBA1D00B48F0A162B305940E6396D765F27F0 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:14:36.0352 0x0950 SSDPSRV - ok
11:14:36.0430 0x0950 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
11:14:36.0446 0x0950 ssmdrv - ok
11:14:36.0508 0x0950 [ D2C02234E3E87EA5FE420F045068099B, A5BFB342FFF50E6EAF5586A72BCBE56E9DA4F7AE612EDE7D20D77DB59472D3FE ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:14:36.0508 0x0950 ssudmdm - ok
11:14:36.0571 0x0950 [ E97F09A7EC9C45B7060FE45BC620766C, 176C8BAE7CB69A2174F5BBF01A04B214DCE1EF01B83C547F6C3F71CAC94E63B4 ] ssudserd C:\WINDOWS\system32\DRIVERS\ssudserd.sys
11:14:36.0571 0x0950 ssudserd - ok
11:14:36.0665 0x0950 [ 88E96A39A11B0EDE2876926EE5B2564B, 3F49A28F53788DA6FC9F97C98F2B9031AEB09C6795D3EA2A8F5C668F532C0F35 ] STAC97NA C:\WINDOWS\system32\drivers\stac97na.sys
11:14:36.0665 0x0950 STAC97NA - ok
11:14:36.0743 0x0950 [ 0383587C1597BB1D1B79485BE8F12177, 6D0313933BFC343986F7829EBBDEFCFBCCF4FF14F72E3BBA04B2D7D7238FC84D ] STAC97NH C:\WINDOWS\system32\drivers\stac97nh.sys
11:14:36.0758 0x0950 STAC97NH - ok
11:14:36.0821 0x0950 [ 5AE996186D2DC694FEF88F14A3FC9242, 496C74364C750DA0851647B08DF731DFED2E2CD0BDB795C0E48821F457D2DD9A ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:14:36.0836 0x0950 stisvc - ok
11:14:36.0899 0x0950 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:14:36.0899 0x0950 swenum - ok
11:14:36.0930 0x0950 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:14:36.0930 0x0950 swmidi - ok
11:14:36.0946 0x0950 SwPrv - ok
11:14:36.0977 0x0950 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:14:36.0977 0x0950 sysaudio - ok
11:14:37.0055 0x0950 [ 251EAE7C56C6AB9490311A3C9757E18D, C79FE215747798A82E1719453DE67CF9DBB09C524667E229AFE9FA16638FDB05 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:14:37.0055 0x0950 SysmonLog - ok
11:14:37.0118 0x0950 [ ABAEC91155E18BE1215B9170EE6B2F13, EE24F9B07760D3737B5E019A65EC27537D4D5E9677B2856FA5CEFF30681C578F ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:14:37.0133 0x0950 TapiSrv - ok
11:14:37.0180 0x0950 [ AD978A1B783B5719720CFF204B666C8E, FA50A3664522C58E1637C06731B9CB9D56FF14F0A5F8AB496A1945585E8A2C16 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:14:37.0196 0x0950 Tcpip - ok
11:14:37.0258 0x0950 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:14:37.0258 0x0950 TDPIPE - ok
11:14:37.0290 0x0950 [ C0578456F29E5F26285F81B7B71FE57D, D1744D3C242E014EBB242FFA2F21AE9398D7568A23E443855A94DF14D1A72885 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:14:37.0290 0x0950 TDTCP - ok
11:14:37.0336 0x0950 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:14:37.0336 0x0950 TermDD - ok
11:14:37.0430 0x0950 [ E0AEF86A594C9990D6321C5CA239C5B7, 30C45E48F0A3A2D5D3518AEBFB99D3AD4426BD358FC9239E93FD8481BFBB03BF ] TermService C:\WINDOWS\System32\termsrv.dll
11:14:37.0446 0x0950 TermService - ok
11:14:37.0477 0x0950 [ C28A9E9D28ACDAF8097BE4578C49559B, 6FAEEC5F6A2484052EB8DA537F0BA842A7D600AE654A55A8142CD6B7C50C97D1 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:14:37.0493 0x0950 Themes - ok
11:14:37.0524 0x0950 TosIde - ok
11:14:37.0586 0x0950 [ 20655E8CA1C78BC7088B18E93806D21B, 91B6B9058C1933972484210DB9BEAA3EA74F359494B7286EFDA6370BCEA913A4 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:14:37.0586 0x0950 TrkWks - ok
11:14:37.0649 0x0950 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:14:37.0649 0x0950 Udfs - ok
11:14:37.0727 0x0950 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:14:37.0743 0x0950 Update - ok
11:14:37.0805 0x0950 [ 01653D6C9604F1FB31A76EC94E08954F, C778076DBBFD38FFEFA7D2113D92A394CC1E7AAEA1530E488A8AB055BE5BEAC7 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:14:37.0805 0x0950 upnphost - ok
11:14:37.0836 0x0950 [ A89796DD0DE24CF03B3A39407E1F46A3, 3866F5C649591F1630EE414B0FC6661DF9F2B0DF71821CB4C711D1728205CC82 ] UPS C:\WINDOWS\System32\ups.exe
11:14:37.0852 0x0950 UPS - ok
11:14:37.0899 0x0950 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:14:37.0899 0x0950 usbccgp - ok
11:14:37.0946 0x0950 [ 52674B5DBEE499342A599C7771ABECAA, A8F3FB78DAB0E7187FD07CB7CEA72862DB4BC115F347ABEB9E155BB4CF34A671 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:14:37.0946 0x0950 usbehci - ok
11:14:38.0008 0x0950 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:14:38.0024 0x0950 usbhub - ok
11:14:38.0071 0x0950 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:14:38.0071 0x0950 USBSTOR - ok
11:14:38.0118 0x0950 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:14:38.0118 0x0950 usbuhci - ok
11:14:38.0180 0x0950 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:14:38.0180 0x0950 VgaSave - ok
11:14:38.0211 0x0950 ViaIde - ok
11:14:38.0227 0x0950 [ 8AB662B3C4691E6DDF61C96BB5B7D103, 362142C9684A3FDA7DDBE1B2FACD7BD0FC403BF30BB549D173F6805A42C932E7 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:14:38.0243 0x0950 VolSnap - ok
11:14:38.0290 0x0950 [ A585EDD6965B301DE8A45C6768C7C215, A506F4C1333CDB4C48CE3571A75F3751081FBC422AEE61C927C3E9796568F249 ] VSS C:\WINDOWS\System32\vssvc.exe
11:14:38.0305 0x0950 VSS - ok
11:14:38.0352 0x0950 [ 99BDD2DFF6F04482B738A90D74688212, AC98F4A73DA1DB63A6DC97324CE5511B3B06E878703CEBB3FF1FB48089987C50 ] W32Time C:\WINDOWS\system32\w32time.dll
11:14:38.0352 0x0950 W32Time - ok
11:14:38.0399 0x0950 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:14:38.0399 0x0950 Wanarp - ok
11:14:38.0430 0x0950 WDICA - ok
11:14:38.0508 0x0950 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:14:38.0508 0x0950 wdmaud - ok
11:14:38.0555 0x0950 [ 33D8E2812054D97A0AEC9B8F04277927, B30A5CB97B14DF9B9F94C6C9FC7A415458EDD85C46B085E0A51F304795CCF698 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:14:38.0555 0x0950 WebClient - ok
11:14:38.0680 0x0950 [ F9E105F369C18E4001E0C05AAF600D73, EDA4AE346832CA7D3A0AC18DFE6470B57F33C7235252E0C3D2DF2418236F443B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:14:38.0680 0x0950 winmgmt - ok
11:14:38.0805 0x0950 [ 250F8D15406269CB3A690B4A4859D92D, 69A60906D65680B91A907727D99794C809E00CA2C9D4C1FB3CD78CD68CE6CFA0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:14:38.0852 0x0950 WinRM - ok
11:14:38.0930 0x0950 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
11:14:38.0930 0x0950 WmdmPmSN - ok
11:14:39.0008 0x0950 [ 87F11D161207C7063EDABAC0AADC33C3, 60BD9AC3EE591DDCAEACFD085937779732A7D36513059DFB01941C98DC296504 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:14:39.0008 0x0950 WmiApSrv - ok
11:14:39.0133 0x0950 [ 79A01ACD485687EE602411A06B63A9A5, 60B39E95BA8389F29CEEF2A5F118ADF16E2CEE66B63A094E18A4F00C51EB3838 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:14:39.0165 0x0950 WMPNetworkSvc - ok
11:14:39.0227 0x0950 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:14:39.0227 0x0950 WpdUsb - ok
11:14:39.0336 0x0950 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:14:39.0368 0x0950 WPFFontCache_v0400 - ok
11:14:39.0430 0x0950 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:14:39.0430 0x0950 WS2IFSL - ok
11:14:39.0477 0x0950 [ 843F7FA8EA38E6A4262976DCC994C81A, E3429581BA18910CC658449EA763CE7A2EE949BD65D43B177B0402A6037C4A46 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:14:39.0493 0x0950 wscsvc - ok
11:14:39.0555 0x0950 [ 02E4055488047729B333F99D93877038, DE0C57AE8B828537B57D9EADEDEE3AAEBE5484A6C5A3FBE827F80987CDC0C5B2 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:14:39.0571 0x0950 wuauserv - ok
11:14:39.0618 0x0950 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:14:39.0618 0x0950 WudfPf - ok
11:14:39.0665 0x0950 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:14:39.0665 0x0950 WudfRd - ok
11:14:39.0711 0x0950 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:14:39.0727 0x0950 WudfSvc - ok
11:14:39.0805 0x0950 [ 991E417C2D3D07260757F165A8F40589, 218E373959E7865A883E22D45662F7A06C82EA6194A71C9588806A8BF38EA8CE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:14:39.0821 0x0950 WZCSVC - ok
11:14:39.0868 0x0950 [ FD3C38635808920F8235BF2FED642F54, 1A9218967EE6E30F6DABE026E22478067B72E59FEE2EA9CD142859F138A42CF8 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:14:39.0868 0x0950 xmlprov - ok
11:14:39.0930 0x0950 [ 9595EE81566A9EC4A96A6D5E2533E4F3, 175805B9A2A9F9ED60E28C6701F1F2BD933E8E38FD0A363F8B55E0666BE80FFD ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
11:14:39.0946 0x0950 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
11:14:39.0961 0x0950 [ 5CC069889A922ED647145FCA8371E545, D54DC22258E5A3E7AD1F475E5AAECEFD37AB581CA760CC60B32CFD6A53E9FE8C ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
11:14:39.0961 0x0950 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
11:14:39.0977 0x0950 ================ Scan global ===============================
11:14:40.0040 0x0950 [ 953AD498333B03F7CE547151F96EF241, 15717B634AE15981714A7ACF02417A4EF80C72EEF355FC728E41B3DA36553434 ] C:\WINDOWS\system32\basesrv.dll
11:14:40.0102 0x0950 [ 67F101FCFF1F46DFA9F41AD1B968509D, BDC495406582BCF5EF4BFAD307BAE59CADE230966427F54D6543F037F782AA27 ] C:\WINDOWS\system32\winsrv.dll
11:14:40.0149 0x0950 [ 67F101FCFF1F46DFA9F41AD1B968509D, BDC495406582BCF5EF4BFAD307BAE59CADE230966427F54D6543F037F782AA27 ] C:\WINDOWS\system32\winsrv.dll
11:14:40.0196 0x0950 [ D98A222A707FFE40043E533FE7A6BA24, D5609A1744061C1943F4ACEAD0278706FF6CF3D16AB206A38B0FC9B86B1387C2 ] C:\WINDOWS\system32\services.exe
11:14:40.0211 0x0950 [ Global ] - ok
11:14:40.0211 0x0950 ================ Scan MBR ==================================
11:14:40.0243 0x0950 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
11:14:40.0461 0x0950 \Device\Harddisk0\DR0 - ok
11:14:40.0477 0x0950 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk1\DR1
11:14:40.0868 0x0950 \Device\Harddisk1\DR1 - ok
11:14:40.0868 0x0950 ================ Scan VBR ==================================
11:14:40.0883 0x0950 [ 4C0D9503A4EC2FB404390C7EF0A74ACC ] \Device\Harddisk0\DR0\Partition1
11:14:40.0883 0x0950 \Device\Harddisk0\DR0\Partition1 - ok
11:14:40.0883 0x0950 [ 6853D9BB3DBC917F9E35F296FF002377 ] \Device\Harddisk1\DR1\Partition1
11:14:40.0883 0x0950 \Device\Harddisk1\DR1\Partition1 - ok
11:14:40.0899 0x0950 Waiting for KSN requests completion. In queue: 169
11:14:41.0899 0x0950 Waiting for KSN requests completion. In queue: 169
11:14:42.0899 0x0950 Waiting for KSN requests completion. In queue: 169
11:14:43.0961 0x0950 AV detected via SS1: Avira Desktop, 13.6.20.2100, disabled, updated
11:14:43.0977 0x0950 Win FW state via NFM: enabled
11:14:46.0633 0x0950 ============================================================
11:14:46.0633 0x0950 Scan finished
11:14:46.0633 0x0950 ============================================================
11:14:46.0665 0x0b8c Detected object count: 0
11:14:46.0665 0x0b8c Actual detected object count: 0
11:15:51.0086 0x0d24 ============================================================
11:15:51.0086 0x0d24 Scan started
11:15:51.0086 0x0d24 Mode: Manual; SigCheck; TDLFS;
11:15:51.0086 0x0d24 ============================================================
11:15:51.0086 0x0d24 KSN ping started
11:15:53.0618 0x0d24 KSN ping finished: true
11:15:54.0305 0x0d24 ================ Scan system memory ========================
11:15:54.0321 0x0d24 System memory - ok
11:15:54.0321 0x0d24 ================ Scan services =============================
11:15:54.0586 0x0d24 Abiosdsk - ok
11:15:54.0665 0x0d24 [ 02273A448BA21A7D447DAEB47810D40C, 1CB409BE2648ECA04A128230C6DADEA3ADA0720E24BA3BA9267D09751972E519 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:15:55.0165 0x0d24 ACPI - ok
11:15:55.0196 0x0d24 [ 63F517B1A87DABF3F5ACB8A7952FC1D1, 9A08759B9E02509D47FDCEF47C3B8E9081E687D7931D56672A6285E8C3520185 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:15:55.0383 0x0d24 ACPIEC - ok
11:15:55.0508 0x0d24 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:15:55.0540 0x0d24 AdobeFlashPlayerUpdateSvc - ok
11:15:55.0618 0x0d24 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:15:55.0821 0x0d24 aec - ok
11:15:55.0883 0x0d24 [ F6B7B1ECD7B41736BDB6FF4B092BCB79, B892C7303E08238C025409D602CB2F58D273B19B81CF04E26EA52A27EE7706DB ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:15:55.0961 0x0d24 AFD - ok
11:15:55.0977 0x0d24 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49, ED4EE32A51C7650FB20D10765ADB01B8743228B6BC712D4509571947BAC3AC58 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:15:56.0227 0x0d24 Alerter - ok
11:15:56.0258 0x0d24 [ DAB2A89FDE5CF791161200D90C1BCB12, 7F14CE7C85CDD5944134CC97A9B3AA0E7A0724D6D7A3DB3E0F68A4E9A1FE1446 ] ALG C:\WINDOWS\System32\alg.exe
11:15:56.0352 0x0d24 ALG - ok
11:15:56.0368 0x0d24 AliIde - ok
11:15:56.0508 0x0d24 [ 27C31F89693EFA9BAEFA0F1A38538BA5, 6DF0497A3A3508B513F02349D345C90D03ECE98FCD6E484E17F15043AFFF2D10 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
11:15:56.0524 0x0d24 AntiVirSchedulerService - ok
11:15:56.0586 0x0d24 [ A6E8FEE22D8A9162D1A93EB90407DC82, 370CC9405E11D4777ACFE9B44A983F96C59A0D8946E17C0D10AEA5F2A57AB441 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
11:15:56.0602 0x0d24 AntiVirService - ok
11:15:56.0711 0x0d24 [ 404BB7290836DBD9A3BD3ACD6145FF34, 23CA441A096666183337B2A4828A0C0C59F95D8E2DBF99F75FECBCA7D00356B0 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
11:15:56.0758 0x0d24 AntiVirWebService - ok
11:15:56.0930 0x0d24 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:15:56.0946 0x0d24 Apple Mobile Device - ok
11:15:56.0961 0x0d24 AppMgmt - ok
11:15:57.0133 0x0d24 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:15:57.0165 0x0d24 aspnet_state - ok
11:15:57.0227 0x0d24 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:15:57.0430 0x0d24 AsyncMac - ok
11:15:57.0493 0x0d24 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:15:57.0711 0x0d24 atapi - ok
11:15:57.0727 0x0d24 Atdisk - ok
11:15:57.0774 0x0d24 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:15:57.0977 0x0d24 Atmarpc - ok
11:15:58.0008 0x0d24 [ F10745ED3195360E69AA4A6E7768C0E0, 0D8F285AA9AAB23EBF6BFCCDD631134BBFC479790984B8A728D3B1C988AD3F15 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:15:58.0227 0x0d24 AudioSrv - ok
11:15:58.0274 0x0d24 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:15:58.0461 0x0d24 audstub - ok
11:15:58.0524 0x0d24 [ 40A34E457431625086F7E161E59A0528, ACB271F16F457173590E0563BEC6EE88A1154E8D369BB18C94D01AF492B99CC5 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
11:15:59.0008 0x0d24 avgntflt - ok
11:15:59.0071 0x0d24 [ F260F2EE3D21D00BEC0B08068E27BADB, 5E7BC4E54013AFB57FFF8B002B16CE7DC3F2CAB090D72D0C8EB6A403853AD180 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
11:15:59.0102 0x0d24 avipbb - ok
11:15:59.0133 0x0d24 [ CB8741CD7B126499FED40C9B197F6AC5, F682820A20CED26CD2E6A2531C721DB8985BCC1A03582BC54A706E9AA1A8B615 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
11:15:59.0165 0x0d24 avkmgr - ok
11:15:59.0243 0x0d24 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:15:59.0446 0x0d24 Beep - ok
11:15:59.0524 0x0d24 [ 5C0073A51C4873430FA8B262E92183FF, DE035B8F5BDCA347CBB753FE5B731CE41D4C1C49E7091BD90548B8A9C0A1D073 ] BITS C:\WINDOWS\system32\qmgr.dll
11:15:59.0758 0x0d24 BITS - ok
11:15:59.0868 0x0d24 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:15:59.0915 0x0d24 Bonjour Service - ok
11:15:59.0961 0x0d24 [ 307DC67231986A9552FA515F1233C1AB, 66B80F1AB210313607829DDB04A0B30EF91159CB0BD50E81ED26C0A5CB22E38C ] Browser C:\WINDOWS\System32\browser.dll
11:16:00.0008 0x0d24 Browser - ok
11:16:00.0180 0x0d24 catchme - ok
11:16:00.0227 0x0d24 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:16:00.0430 0x0d24 Cdaudio - ok
11:16:00.0477 0x0d24 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:16:00.0680 0x0d24 Cdfs - ok
11:16:00.0727 0x0d24 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:16:00.0930 0x0d24 Cdrom - ok
11:16:00.0961 0x0d24 Changer - ok
11:16:01.0008 0x0d24 [ BD85400700B80FBE3D4A3412BCE74861, 78419D94EEDD5C6C82A09425DADA30347D47897D40090E65970DB54F106E014F ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:16:01.0211 0x0d24 CiSvc - ok
11:16:01.0258 0x0d24 [ 4FB6108130829666C8FE96B442FEAD94, 9811037E2A195C05B442F928C4E95FDD1AF249461527269ED8508116A18DBF28 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:16:01.0430 0x0d24 ClipSrv - ok
11:16:01.0493 0x0d24 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:16:01.0524 0x0d24 clr_optimization_v2.0.50727_32 - ok
11:16:01.0618 0x0d24 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:16:01.0649 0x0d24 clr_optimization_v4.0.30319_32 - ok
11:16:01.0665 0x0d24 CmdIde - ok
11:16:01.0680 0x0d24 COMSysApp - ok
11:16:01.0743 0x0d24 [ D01F685F8B4598D144B0CCE9FF95D8D5, A68EF814CDBD7291DEF4745FE14D5080041BD3275AB12629C7811506AF2B8E17 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
11:16:01.0774 0x0d24 cpudrv - ok
11:16:01.0821 0x0d24 [ 0A9CF5D3CF63A8699F28C814EF821C7E, D6F09CABB25E557023312EE9921CCC35096B7B36C6A95A520D7514C33F70FCB2 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:16:02.0024 0x0d24 CryptSvc - ok
11:16:02.0118 0x0d24 [ D8D28F6CABEC7D42B8E487E290563B9A, 620FC20797581CDF4BF3ADF6D13F0904F4EA4C118510815F740E0B6E3ED6FE93 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:16:02.0211 0x0d24 DcomLaunch - ok
11:16:02.0290 0x0d24 [ 54D0B8343CE8C22412A5F29D32EFD211, D78BF09680FF19523C84E862593B45637D91A079C79CAB63A13726E7ACA8ABBF ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:16:02.0321 0x0d24 dg_ssudbus - ok
11:16:02.0383 0x0d24 [ 99F2C23ED213C7E0C10A778CB8E98C3B, 4EA22C7660860618FD84811F406FA044B8781D120546E4452CC6BF1B846D6699 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:16:02.0461 0x0d24 Dhcp - ok
11:16:02.0493 0x0d24 [ 47B6AAEC570F2C11D8BAD80A064D8ED1, 83AAFD7D2E44BAD967430AF72ABEC3E8F2985BAF71D06ADFC2B92EC4CD644012 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:16:02.0524 0x0d24 Disk - ok
11:16:02.0555 0x0d24 dmadmin - ok
11:16:02.0633 0x0d24 [ DEC123E0C75971D0CC7A6C6A75E28429, 7520BD43B0CCCC2F17A9BC7E5330341283BAF6DD10828B1CEBD8634C8EBFAA4F ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:16:02.0883 0x0d24 dmboot - ok
11:16:02.0930 0x0d24 [ 7268E66259722F6228C730685B201092, 3B8A38FA33D7C7A523490639B35CF165D512DB6BA64E5F606A54E2C2F12FD121 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:16:03.0133 0x0d24 dmio - ok
11:16:03.0165 0x0d24 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:16:03.0368 0x0d24 dmload - ok
11:16:03.0415 0x0d24 [ 127DB74184E2D3D31655DA525A5EFDE1, 9A632E97AE3C6CD05E36640DFE23420CA1164B5D33E2D849E31CB7BEF104C44C ] dmserver C:\WINDOWS\System32\dmserver.dll
11:16:03.0618 0x0d24 dmserver - ok
11:16:03.0680 0x0d24 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:16:03.0868 0x0d24 DMusic - ok
11:16:03.0899 0x0d24 [ F41AE23847F084F92E283D86C2A9EFCC, 79813051F215CDE3761FFA039771EA52E9178B2C336BCBF057C0A989492CAB7E ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:16:03.0946 0x0d24 Dnscache - ok
11:16:03.0993 0x0d24 [ 90EE765E1A598B578852901F74F914F1, 6A262A9234E1E9A19AF948A5E362F4B43CBC6EF2CCE796D4602D303A519CD545 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:16:04.0211 0x0d24 Dot3svc - ok
11:16:04.0274 0x0d24 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:16:04.0446 0x0d24 drmkaud - ok
11:16:04.0508 0x0d24 [ FE9CB643A034285031502D3369E5A869, 999704A1BDDD391F928901DCE970C48CE5101DA2D9EDFF7EA6DB29A558DEE723 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:16:04.0586 0x0d24 E100B - ok
11:16:04.0649 0x0d24 [ E6BBDEBF7081899D161C773E8D84D015, BD0059A3B9A154F2140F35CBF7402F8BB62260087917DA9DE817DEC161D73B8C ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:16:04.0868 0x0d24 EapHost - ok
11:16:04.0899 0x0d24 [ 2F5C7F650B7AF178988946EE4B0D9C01, 3FF2BAAB10A26A3E7A8DA28BE4689623E603403E4B11191BC66E9E4BA8E3988A ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:16:05.0086 0x0d24 ERSvc - ok
11:16:05.0149 0x0d24 [ D98A222A707FFE40043E533FE7A6BA24, D5609A1744061C1943F4ACEAD0278706FF6CF3D16AB206A38B0FC9B86B1387C2 ] Eventlog C:\WINDOWS\system32\services.exe
11:16:05.0196 0x0d24 Eventlog - ok
11:16:05.0243 0x0d24 [ F6C37073A269C163A5FDAE5BFF47F367, DA88F3336EEF727330B394AF3F039CC906783F00CA51B791CE99DDAC1D0F31F3 ] EventSystem C:\WINDOWS\system32\es.dll
11:16:05.0274 0x0d24 EventSystem - ok
11:16:05.0336 0x0d24 [ 4D893323DAE445E34A4C9038B0551BC9, 39EE6D1EA496568368F7E8167EFE444CAEDD34A760EC9107EC383D8D17485EFD ] exFat C:\WINDOWS\system32\drivers\exFat.sys
11:16:05.0415 0x0d24 exFat - ok
11:16:05.0461 0x0d24 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:16:05.0680 0x0d24 Fastfat - ok
11:16:05.0758 0x0d24 [ C28A9E9D28ACDAF8097BE4578C49559B, 6FAEEC5F6A2484052EB8DA537F0BA842A7D600AE654A55A8142CD6B7C50C97D1 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:16:05.0805 0x0d24 FastUserSwitchingCompatibility - ok
11:16:05.0836 0x0d24 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:16:06.0008 0x0d24 Fdc - ok
11:16:06.0071 0x0d24 [ 8BFFFB5AC954E19DFDB96D56512AA518, D4C2502B8B6A1B79711B817AEB671CBA23FBF8CE77743BD892ABFEB7201963D7 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:16:06.0274 0x0d24 Fips - ok
11:16:06.0305 0x0d24 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:16:06.0508 0x0d24 Flpydisk - ok
11:16:06.0571 0x0d24 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:16:06.0821 0x0d24 FltMgr - ok
11:16:06.0915 0x0d24 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:16:06.0946 0x0d24 FontCache3.0.0.0 - ok
11:16:06.0993 0x0d24 [ 30D42943A54704EF13E2562911DBFCEA, 6E0904E60A2F8B62BD34E5EDA2DA2240DFBCE1288C58CB4D819F0025ECF76763 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:16:07.0024 0x0d24 Fs_Rec - ok
11:16:07.0055 0x0d24 [ FA8CA22E70245C81FF29C36AF56292FC, 29BE006A4F5B125D1D3A556199690CCF0B537917DD004033659141E72CF3AD49 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:16:07.0243 0x0d24 Ftdisk - ok
11:16:07.0305 0x0d24 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:16:07.0336 0x0d24 GEARAspiWDM - ok
11:16:07.0399 0x0d24 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:16:07.0602 0x0d24 Gpc - ok
11:16:07.0680 0x0d24 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:16:07.0711 0x0d24 gupdate - ok
11:16:07.0743 0x0d24 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:16:07.0774 0x0d24 gupdatem - ok
11:16:07.0868 0x0d24 [ 5327BAD9B35C33D2A64B64E4CF282ECD, 766F9BDE4CAAA058F023C35605E3BD0C267F5D1B6A98A0809F33D89708BA9506 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:16:08.0086 0x0d24 helpsvc - ok
11:16:08.0102 0x0d24 HidServ - ok
11:16:08.0149 0x0d24 [ 1FF903FFA2DA1704E5A5443D37D8E49E, AB8B43B8869A3CDDA6931BB670CC8D38B89F95B29F39A5DE92DC7BF75D7891CA ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:16:08.0352 0x0d24 hkmsvc - ok
11:16:08.0430 0x0d24 [ 937031C085718C1C04A9C0864625EC6B, B812A70063750090202D646F466BD7F0377413F74AD109F8097CB2A1FB42466B ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:16:08.0493 0x0d24 HTTP - ok
11:16:08.0555 0x0d24 [ 2529C7BA05242BEED0027F554D0513BB, 5110D3D7A604B1F9606C6E1A6029263943B005E0BFEEC49EFB9E7D31A83B2744 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:16:08.0758 0x0d24 HTTPFilter - ok
11:16:08.0805 0x0d24 [ C43372D0682F8E32E4EC21117E089EC0, 06C546CA6D75D5C660941957163DF1F2109DFDF8F26C3DCE70DAEFF985ABCF97 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:16:08.0993 0x0d24 i8042prt - ok
11:16:09.0055 0x0d24 [ B652FB9DF6345131112BA9351C875B6F, 849ABEAB7FBCBB203D35C36BBAAAE8B7E237E1AF0FED7F08F262C2B3BAA8330D ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:16:09.0274 0x0d24 ialm - ok
11:16:09.0399 0x0d24 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:16:09.0477 0x0d24 idsvc - ok
11:16:09.0524 0x0d24 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:16:09.0743 0x0d24 Imapi - ok
11:16:09.0790 0x0d24 [ A117772F94C854DE5D1BBC1F1962B192, 420FB45771FF2E068A9D28B290117E94741D8323F90156B5E3E17C1C35AD05F4 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:16:10.0008 0x0d24 ImapiService - ok
11:16:10.0086 0x0d24 [ 72C63AD984D427D34BD5B9DB838D88EB, 01EC4AB4E705B7DE34CDA438FBA6268FC261F1D87E749D1C300841FD9CB0F3E0 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:16:10.0274 0x0d24 IntelIde - ok
11:16:10.0336 0x0d24 [ 2D2254FAC267E6B1C7865E8EBEF60C6D, 0037A5673E8F1CED478BA23BF3C90B08DBCF2FCC291558D2487FF373F5A00B8F ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:16:10.0540 0x0d24 intelppm - ok
11:16:10.0571 0x0d24 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:16:10.0758 0x0d24 Ip6Fw - ok
11:16:10.0805 0x0d24 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:16:10.0993 0x0d24 IpFilterDriver - ok
11:16:11.0040 0x0d24 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:16:11.0243 0x0d24 IpInIp - ok
11:16:11.0290 0x0d24 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:16:11.0477 0x0d24 IpNat - ok
11:16:11.0571 0x0d24 [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:16:11.0618 0x0d24 iPod Service - ok
11:16:11.0680 0x0d24 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:16:11.0899 0x0d24 IPSec - ok
11:16:11.0946 0x0d24 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:16:12.0055 0x0d24 IRENUM - ok
11:16:12.0133 0x0d24 [ 0B78E1A31340E1FB1E389D5633F7C3A0, A6BCA5940E5F89602BBB127481CF48E39E7834375D13947A047336E136ADFDA7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:16:12.0321 0x0d24 isapnp - ok
11:16:12.0368 0x0d24 [ 380397621E94B32C744E7B2CC1330390, 6215E8F881642E798D6F2ABC01605D78696B1AA0D3A50C243BB061BFF9AC7BC3 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:16:12.0571 0x0d24 Kbdclass - ok
11:16:12.0618 0x0d24 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:16:12.0836 0x0d24 kmixer - ok
11:16:12.0899 0x0d24 [ C6EBF1D6AD71DF30DB49B8D3287E1368, 09A8F5BCE774BA8881195AB390692048C3B05EDC8C0BF3ACBC673FD391A29D72 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:16:12.0993 0x0d24 KSecDD - ok
11:16:13.0055 0x0d24 [ AB3C73CFC4D21540C51671EDF6E2C989, EA2B83DA23AC3169DA3682AA45E9A215AEDBF9C24A908C1A3BC24DAA16042174 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
11:16:13.0118 0x0d24 LanmanServer - ok
11:16:13.0165 0x0d24 [ F2BB3D20CD27EE6ED1FD5954DE629441, 2D72EB11E82281806AA0592A6A93C8448401B56A1D7EA2882CE697734A19B02B ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:16:13.0227 0x0d24 lanmanworkstation - ok
11:16:13.0243 0x0d24 lbrtfdc - ok
11:16:13.0305 0x0d24 [ 91AE20C5C2776C511994AA1308C05283, BF085E2F5974404336475CC2E159F4524015AA01B0C76C176AC398DD30AD90A6 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:16:13.0493 0x0d24 LmHosts - ok
11:16:13.0540 0x0d24 [ C56A45A03DCA11712DE9FDF98224230B, A1D1F5B12736A9A4300E554930FC11DAFFD901C8ACFC0994BA6FF4A304BCF2CA ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:16:13.0758 0x0d24 Messenger - ok
11:16:13.0805 0x0d24 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:16:13.0993 0x0d24 mnmdd - ok
11:16:14.0040 0x0d24 [ 5B1D994DCF1895AFA27600E46A2F0FEA, C43E8CEC5865C0EC4BD4E48980C85D6BA7E80A9F702B6E559FE4DCCC16F655C3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:16:14.0243 0x0d24 mnmsrvc - ok
11:16:14.0305 0x0d24 [ 8114EEAC353F549331AB73E9AF4219ED, 60B2FC56A2CF6335CFAA62154743863716CBAFEF38A716C755FAC74790C22C56 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:16:14.0477 0x0d24 Modem - ok
11:16:14.0508 0x0d24 [ 1A4E2214DD63E4A876463D3427EE8261, E3C137E1A05F46170538D1A2FC23F146A75FA556ADCC1CD48CE6FE412B41DBC5 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:16:14.0696 0x0d24 Mouclass - ok
11:16:14.0743 0x0d24 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:16:14.0930 0x0d24 MountMgr - ok
11:16:15.0008 0x0d24 [ 3121304FEBE28A90AF199DBF1AFD4518, 95B5188B71ADB8934183828C2AEEF16620CB5C97C7141DF4A7140D72B79210D9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:16:15.0086 0x0d24 MozillaMaintenance - ok
11:16:15.0149 0x0d24 [ 4FEFD389D71126EE581B9F9CB2918BE4, 64C527DEFF0F8B6CB0318B14BC7F34F8221D8FF6D5A128F9C2C4779537245F7B ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:16:15.0211 0x0d24 MRxDAV - ok
11:16:15.0274 0x0d24 [ FB2FCCC70F7174C7BF64F48E96D3ADF4, 484B4DF0A500CAE8AFA4F3A6393615A3963D91C95939025DF1A172C9A67D951D ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:16:15.0368 0x0d24 MRxSmb - ok
11:16:15.0430 0x0d24 [ 21EA21984D7D1AD50DB2E627020AB14C, 5F0BA1973B30CCEE1FED562BA47B2F5E03A7F0EDB1A24200F2B14FE562D021A3 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:16:15.0633 0x0d24 MSDTC - ok
11:16:15.0696 0x0d24 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:16:15.0883 0x0d24 Msfs - ok
11:16:15.0899 0x0d24 MSIServer - ok
11:16:15.0946 0x0d24 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:16:16.0133 0x0d24 MSKSSRV - ok
11:16:16.0165 0x0d24 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:16:16.0383 0x0d24 MSPCLOCK - ok
11:16:16.0415 0x0d24 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:16:16.0602 0x0d24 MSPQM - ok
11:16:16.0665 0x0d24 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:16:16.0852 0x0d24 mssmbios - ok
11:16:16.0883 0x0d24 [ F7B1AD991491F02AF6DA70B00B8BF114, 4EF6B2FF3138CB461D631EB9395C52DE4075B58E8A3C13847A3AFF591536CA72 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:16:16.0946 0x0d24 Mup - ok
11:16:17.0008 0x0d24 [ 87E394C810794D3C70CF22E8316CB23E, D8CDEB692AA52FC647059F268E075092A213DC1AE70F406589728EF9C7BD28D8 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:16:17.0196 0x0d24 napagent - ok
11:16:17.0258 0x0d24 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:16:17.0461 0x0d24 NDIS - ok
11:16:17.0493 0x0d24 [ 091735A5F20ACB1DC147383A905AE002, 71F5EA1B762B304AE46284F80F9AABF5EAB890C9CC5F257AC84D3ABF4268B3D3 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:16:17.0555 0x0d24 NdisTapi - ok
11:16:17.0602 0x0d24 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:16:17.0774 0x0d24 Ndisuio - ok
11:16:17.0836 0x0d24 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:16:18.0024 0x0d24 NdisWan - ok
11:16:18.0055 0x0d24 [ 816460BD4B4ACD27937D1D0813E2E9E9, 71574BC38CF392E8BB158C6B61430F0472DF1926BF71481D72E380D1D7B94B64 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:16:18.0102 0x0d24 NDProxy - ok
11:16:18.0149 0x0d24 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:16:18.0336 0x0d24 NetBIOS - ok
11:16:18.0368 0x0d24 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:16:18.0555 0x0d24 NetBT - ok
11:16:18.0602 0x0d24 [ DC6BAE085E9B3C2F3A963ED46791FEAB, BC9B8C4C3E9EB70C8A15125ACE8A0CE9B8455337334860BB02815AE8A4669469 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:16:18.0805 0x0d24 NetDDE - ok
11:16:18.0821 0x0d24 [ DC6BAE085E9B3C2F3A963ED46791FEAB, BC9B8C4C3E9EB70C8A15125ACE8A0CE9B8455337334860BB02815AE8A4669469 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:16:19.0024 0x0d24 NetDDEdsdm - ok
11:16:19.0071 0x0d24 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:16:19.0243 0x0d24 Netlogon - ok
11:16:19.0321 0x0d24 [ 5431FB616ECAE0D587C5B97D0B86CBD8, 81B79A2C37118794C8D466084287F4DB7216A1BDD9D65901B3C5E9EA91A134EB ] Netman C:\WINDOWS\System32\netman.dll
11:16:19.0524 0x0d24 Netman - ok
11:16:19.0571 0x0d24 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:16:19.0602 0x0d24 NetTcpPortSharing - ok
11:16:19.0680 0x0d24 [ 18740E8EC5BE4B6D66FA0E4CBFD3B9C6, 073952B1668964BE9ADE6BC2BDFBF30C847038BB9DA1BC031B0B6E7728E53440 ] Nla C:\WINDOWS\System32\mswsock.dll
11:16:19.0727 0x0d24 Nla - ok
11:16:19.0758 0x0d24 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:16:19.0930 0x0d24 Npfs - ok
11:16:19.0993 0x0d24 [ A0857C97770034FD2AF17DC4014B5ABD, 3A325399DD8A384F1EEB2340FB5CA54FCE7360C9A02E8ADB6DE2EF3CFD805A92 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:16:20.0368 0x0d24 Ntfs - ok
11:16:20.0415 0x0d24 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:16:20.0586 0x0d24 NtLmSsp - ok
11:16:20.0633 0x0d24 [ AC1A78237B53044735693633F8235468, 9F5168E92C4897DD0F6744653FB22DEDC8EC83ACE32F3C50D20CF114FA992E01 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:16:20.0899 0x0d24 NtmsSvc - ok
11:16:20.0961 0x0d24 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
11:16:21.0118 0x0d24 Null - ok
11:16:21.0165 0x0d24 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:16:21.0352 0x0d24 NwlnkFlt - ok
11:16:21.0383 0x0d24 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:16:21.0571 0x0d24 NwlnkFwd - ok
11:16:21.0633 0x0d24 [ E3934CCC20A4D24F1924E13D36D2A5BD, 6681AB6061A5DD28C0DFDDBBF5967A936E67765DD5A77B3F109FE07C6AF5E186 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:16:21.0821 0x0d24 Parport - ok
11:16:21.0852 0x0d24 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:16:22.0055 0x0d24 PartMgr - ok
11:16:22.0102 0x0d24 [ 1EADE28746A64C21E0A808BB12A63326, 88A2E7101B9582DCCF310F128536C24856727A0DE3E5D4D7404CBE79BCC36CF9 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:16:22.0290 0x0d24 ParVdm - ok
11:16:22.0336 0x0d24 [ 3B166F9F753C21AEDAA9A6BD76B49655, DD6F13D856890D9CAD83C21BA5C7EEC0D8FBA2EE3678C5F07FE15DDDD5EA4926 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:16:22.0586 0x0d24 PCI - ok
11:16:22.0618 0x0d24 PCIDump - ok
11:16:22.0633 0x0d24 [ B31EDEBA4DA28283F6B8DC4756FB9585, 3B296A4A5DFD6A11D6A99A96D84E0DDEA4737C4B09595B82D256CAB4EC1BFC1B ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:16:22.0836 0x0d24 PCIIde - ok
11:16:22.0883 0x0d24 [ 2137FFD65F8E609A3A5ACD487C56CCE0, D754BED7C3B13662AC95BE0F234AFB6565BC7EC69DFECF03DA65469DBA974D2D ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:16:23.0071 0x0d24 Pcmcia - ok
11:16:23.0086 0x0d24 PDCOMP - ok
11:16:23.0102 0x0d24 PDFRAME - ok
11:16:23.0118 0x0d24 PDRELI - ok
11:16:23.0149 0x0d24 PDRFRAME - ok
11:16:23.0211 0x0d24 [ D98A222A707FFE40043E533FE7A6BA24, D5609A1744061C1943F4ACEAD0278706FF6CF3D16AB206A38B0FC9B86B1387C2 ] PlugPlay C:\WINDOWS\system32\services.exe
11:16:23.0243 0x0d24 PlugPlay - ok
11:16:23.0274 0x0d24 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:16:23.0446 0x0d24 PolicyAgent - ok
11:16:23.0477 0x0d24 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:16:23.0665 0x0d24 PptpMiniport - ok
11:16:23.0680 0x0d24 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:16:23.0883 0x0d24 ProtectedStorage - ok
11:16:23.0899 0x0d24 [ D8E11D311785F89F1D70A28B0E879127, 8DC3BB4C2238960A47D601CC0B6E2D07EE6C8B5D3852A9908803F89B01F715FB ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:16:23.0993 0x0d24 PSched - ok
11:16:24.0040 0x0d24 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:16:24.0243 0x0d24 Ptilink - ok
11:16:24.0305 0x0d24 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:16:24.0336 0x0d24 PxHelp20 - ok
11:16:24.0399 0x0d24 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:16:24.0586 0x0d24 RasAcd - ok
11:16:24.0633 0x0d24 [ 0575D034B1292CA3A9BB9F67A8EE289C, 85F9964CEC39F4FFA704C995ECB18995A20FDFB110841867486F9EF3164A8775 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:16:24.0852 0x0d24 RasAuto - ok
11:16:24.0899 0x0d24 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:16:25.0071 0x0d24 Rasl2tp - ok
11:16:25.0102 0x0d24 [ 9E7E2DF6971A5F00102BE3F901CC3BDC, AFD5ECDAF59228A2F51E8F195F4E96C7C1D26740DA7EA4B1F6E491C16EF8B34B ] RasMan C:\WINDOWS\System32\rasmans.dll
11:16:25.0305 0x0d24 RasMan - ok
11:16:25.0336 0x0d24 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:16:25.0524 0x0d24 RasPppoe - ok
11:16:25.0571 0x0d24 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:16:25.0758 0x0d24 Raspti - ok
11:16:25.0805 0x0d24 [ 9629383F70DB691CB6AA5BBD828CD9A9, 972D3355CE74DFBD9B0C8749EE5B456CBDB1EC5D625858A602AED798E0C8D358 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:16:25.0915 0x0d24 Rdbss - ok
11:16:25.0961 0x0d24 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:16:26.0133 0x0d24 RDPCDD - ok
11:16:26.0211 0x0d24 [ C7D9BC54354B8C706ABF172D48313F1B, 48065B6914F29AAA3010CCBC78A3ED4ADC25C98D2E6778559DCCF986FA36E21E ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:16:26.0274 0x0d24 RDPWD - ok
11:16:26.0321 0x0d24 [ EA9FDF71D696B532BDC44C8BFF03A737, 2D2FFC96F2A88327142EF817AA8D7F62DD9E94555E82292D8933786AF332FA33 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:16:26.0524 0x0d24 RDSessMgr - ok
11:16:26.0618 0x0d24 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
11:16:26.0649 0x0d24 RealNetworks Downloader Resolver Service - ok
11:16:26.0696 0x0d24 [ 4173BC66E485FD77A03C4819F60BD0DA, FDC4C5ACA5305CCDB1B665D1711A57BB16A9B373913E4B36F32AA159A0A069E3 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:16:26.0915 0x0d24 redbook - ok
11:16:26.0930 0x0d24 [ 4007ABF5D9BF0E55451D775443D1F985, EC3BCFCC9629BC6E809A025A0589F2FD96F628CD6B4ED7AC8A1A007832D418DD ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:16:27.0149 0x0d24 RemoteAccess - ok
11:16:27.0196 0x0d24 [ BE078F8F7EC2491EFDD79A53353A060F, AC4630E5AC360D0A5C7EE92AA1FEE2F91F5B4FC59CF1F96F03F6EF09D65C9623 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:16:27.0383 0x0d24 RpcLocator - ok
11:16:27.0430 0x0d24 [ D8D28F6CABEC7D42B8E487E290563B9A, 620FC20797581CDF4BF3ADF6D13F0904F4EA4C118510815F740E0B6E3ED6FE93 ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:16:27.0493 0x0d24 RpcSs - ok
11:16:27.0555 0x0d24 [ 743D7D59767073A617B1DCC6C546F234, DE08EEC475F97F616BACF125B441B3542CEA3B017E2E98D94BE9FB1E13D13C99 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
11:16:27.0618 0x0d24 rspndr - ok
11:16:27.0680 0x0d24 [ AD1B5F1B99FFF08C99F443D784711A81, 1BE13FE1E1E45F6D3C4E73BB85D7DD509BCA384B36FC07498A0C5F4BD93B8B20 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:16:27.0883 0x0d24 RSVP - ok
11:16:27.0899 0x0d24 [ 8754210A3399D19610CE2D71E0C3E5D9, B10B28B559B447CC9DF317F222BB7641A7317001DA631371E6E6A928D67276A9 ] SamSs C:\WINDOWS\system32\lsass.exe
11:16:28.0102 0x0d24 SamSs - ok
11:16:28.0211 0x0d24 [ 230FD3749904CA045EA5EC0AA14006E9, D7C79238F862B471740AFF4CC3982658D1339795E9EC884A8921EFE2E547D7C3 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\Sandra.sys
11:16:28.0243 0x0d24 SANDRA - ok
11:16:28.0290 0x0d24 [ CD23C3C62D0C20CC272BD421F2A3D002, 6A5982B385335850AF558EB7F1C9A6F66C7F1981BE5B1D27B9B579C87E16FA65 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe
11:16:28.0321 0x0d24 SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
11:16:28.0321 0x0d24 Detect skipped due to KSN trusted
11:16:28.0321 0x0d24 SandraAgentSrv - ok
11:16:28.0368 0x0d24 [ 1B4CD62174E907C7EF8EC5D4D0A2A616, 9BC82E5FB7A1604CE6FB7DBFF8AF58ABDCD7A8AE01EC62CBAC9996D838CC36AB ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:16:28.0555 0x0d24 SCardSvr - ok
11:16:28.0633 0x0d24 [ 7C288AE0F75CB18CFF1DF6179A67AD8F, D4B7A1B7BD5B239A7B1E6AF1AA28116FB337765EACEA5357A0EF76AAC53216E1 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:16:28.0852 0x0d24 Schedule - ok
11:16:28.0899 0x0d24 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:16:29.0040 0x0d24 Secdrv - ok
11:16:29.0071 0x0d24 [ 6983665BEA867125B1DA5757CD8B2F9D, EDAE386791F5B390EB1705ED0EE7F67259BC6C0EC8785C0E1161E7C0984EDE64 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:16:29.0243 0x0d24 seclogon - ok
11:16:29.0274 0x0d24 [ F6EC8F1E50E40237BDDEE1CB7FE20B42, 9DAD21F8B052F189F411DB5BD3DE19E3788D5D4ACEF320AC7E188A7A48A77FCA ] SENS C:\WINDOWS\system32\sens.dll
11:16:29.0446 0x0d24 SENS - ok
11:16:29.0477 0x0d24 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:16:29.0649 0x0d24 Serenum - ok
11:16:29.0696 0x0d24 [ 92C21762653BB2CE51147EB8A9AA654F, F8B7C7053D66C3ED8F891F5CEF1D8B208A95805CD74CFD1740B4A2F794808B1D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:16:29.0883 0x0d24 Serial - ok
11:16:30.0008 0x0d24 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:16:30.0180 0x0d24 Sfloppy - ok
11:16:30.0243 0x0d24 [ FB728CFE87FF4A3ABA0AA526B553D877, A1ABDAC01307C459198E409A3DBB4D918A9CBD746CF8FD5C22E48EEBE0E436F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:16:30.0336 0x0d24 SharedAccess - ok
11:16:30.0368 0x0d24 [ C28A9E9D28ACDAF8097BE4578C49559B, 6FAEEC5F6A2484052EB8DA537F0BA842A7D600AE654A55A8142CD6B7C50C97D1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:16:30.0415 0x0d24 ShellHWDetection - ok
11:16:30.0430 0x0d24 Simbad - ok
11:16:30.0508 0x0d24 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:16:30.0571 0x0d24 SkypeUpdate - ok
11:16:30.0649 0x0d24 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:16:30.0836 0x0d24 splitter - ok
11:16:30.0915 0x0d24 [ 258DD5D4283FD9F9A7166BE9AE45CE73, 05369C6943ADFF081B06400ADC4D26FEC81972B53F11AD079F51412AD07C2978 ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:16:30.0977 0x0d24 Spooler - ok
11:16:31.0024 0x0d24 [ 64D2A7640E0767ECD3BCB38D3200E7CE, B1F5662A2A4F0587CBD5058358B3C0E30E258C995FB2E902165FAB76571E66C9 ] Sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:16:31.0118 0x0d24 Sr - ok
11:16:31.0165 0x0d24 [ 81CBF363C414620CAA61BD6843D8FDB9, AA1552BF9D7B21DB7B1D9AF9D53FE1DC90150F03035F21999715F95BE0E2EE6A ] srservice C:\WINDOWS\system32\srsvc.dll
11:16:31.0258 0x0d24 srservice - ok
11:16:31.0321 0x0d24 [ 9B390283569EA58D43D2586032B892F5, FADC0AD9D8F715290F02A6A59B284A6AD53C5BD13933B1D3ECC03C558C9D5885 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:16:31.0446 0x0d24 Srv - ok
11:16:31.0493 0x0d24 [ 5B9D0DE64BE96A806819516440FD211C, 5C632D05A83F8C4BCD3E412F4ECDBA1D00B48F0A162B305940E6396D765F27F0 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:16:31.0602 0x0d24 SSDPSRV - ok
11:16:31.0649 0x0d24 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
11:16:31.0680 0x0d24 ssmdrv - ok
11:16:31.0743 0x0d24 [ D2C02234E3E87EA5FE420F045068099B, A5BFB342FFF50E6EAF5586A72BCBE56E9DA4F7AE612EDE7D20D77DB59472D3FE ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:16:31.0774 0x0d24 ssudmdm - ok
11:16:31.0821 0x0d24 [ E97F09A7EC9C45B7060FE45BC620766C, 176C8BAE7CB69A2174F5BBF01A04B214DCE1EF01B83C547F6C3F71CAC94E63B4 ] ssudserd C:\WINDOWS\system32\DRIVERS\ssudserd.sys
11:16:31.0852 0x0d24 ssudserd - ok
11:16:31.0946 0x0d24 [ 88E96A39A11B0EDE2876926EE5B2564B, 3F49A28F53788DA6FC9F97C98F2B9031AEB09C6795D3EA2A8F5C668F532C0F35 ] STAC97NA C:\WINDOWS\system32\drivers\stac97na.sys
11:16:32.0024 0x0d24 STAC97NA - ok
11:16:32.0086 0x0d24 [ 0383587C1597BB1D1B79485BE8F12177, 6D0313933BFC343986F7829EBBDEFCFBCCF4FF14F72E3BBA04B2D7D7238FC84D ] STAC97NH C:\WINDOWS\system32\drivers\stac97nh.sys
11:16:32.0133 0x0d24 STAC97NH - ok
11:16:32.0165 0x0d24 [ 5AE996186D2DC694FEF88F14A3FC9242, 496C74364C750DA0851647B08DF731DFED2E2CD0BDB795C0E48821F457D2DD9A ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:16:32.0399 0x0d24 stisvc - ok
11:16:32.0461 0x0d24 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:16:32.0649 0x0d24 swenum - ok
11:16:32.0696 0x0d24 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:16:32.0899 0x0d24 swmidi - ok
11:16:32.0915 0x0d24 SwPrv - ok
11:16:32.0946 0x0d24 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:16:33.0165 0x0d24 sysaudio - ok
11:16:33.0227 0x0d24 [ 251EAE7C56C6AB9490311A3C9757E18D, C79FE215747798A82E1719453DE67CF9DBB09C524667E229AFE9FA16638FDB05 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:16:33.0415 0x0d24 SysmonLog - ok
11:16:33.0461 0x0d24 [ ABAEC91155E18BE1215B9170EE6B2F13, EE24F9B07760D3737B5E019A65EC27537D4D5E9677B2856FA5CEFF30681C578F ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:16:33.0508 0x0d24 TapiSrv - ok
11:16:33.0555 0x0d24 [ AD978A1B783B5719720CFF204B666C8E, FA50A3664522C58E1637C06731B9CB9D56FF14F0A5F8AB496A1945585E8A2C16 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:16:33.0649 0x0d24 Tcpip - ok
11:16:33.0696 0x0d24 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:16:33.0899 0x0d24 TDPIPE - ok
11:16:33.0930 0x0d24 [ C0578456F29E5F26285F81B7B71FE57D, D1744D3C242E014EBB242FFA2F21AE9398D7568A23E443855A94DF14D1A72885 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:16:34.0008 0x0d24 TDTCP - ok
11:16:34.0055 0x0d24 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:16:34.0243 0x0d24 TermDD - ok
11:16:34.0321 0x0d24 [ E0AEF86A594C9990D6321C5CA239C5B7, 30C45E48F0A3A2D5D3518AEBFB99D3AD4426BD358FC9239E93FD8481BFBB03BF ] TermService C:\WINDOWS\System32\termsrv.dll
11:16:34.0524 0x0d24 TermService - ok
11:16:34.0571 0x0d24 [ C28A9E9D28ACDAF8097BE4578C49559B, 6FAEEC5F6A2484052EB8DA537F0BA842A7D600AE654A55A8142CD6B7C50C97D1 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:16:34.0602 0x0d24 Themes - ok
11:16:34.0618 0x0d24 TosIde - ok
11:16:34.0680 0x0d24 [ 20655E8CA1C78BC7088B18E93806D21B, 91B6B9058C1933972484210DB9BEAA3EA74F359494B7286EFDA6370BCEA913A4 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:16:34.0868 0x0d24 TrkWks - ok
11:16:34.0946 0x0d24 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:16:35.0102 0x0d24 Udfs - ok
11:16:35.0196 0x0d24 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:16:35.0383 0x0d24 Update - ok
11:16:35.0430 0x0d24 [ 01653D6C9604F1FB31A76EC94E08954F, C778076DBBFD38FFEFA7D2113D92A394CC1E7AAEA1530E488A8AB055BE5BEAC7 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:16:35.0524 0x0d24 upnphost - ok
11:16:35.0540 0x0d24 [ A89796DD0DE24CF03B3A39407E1F46A3, 3866F5C649591F1630EE414B0FC6661DF9F2B0DF71821CB4C711D1728205CC82 ] UPS C:\WINDOWS\System32\ups.exe
11:16:35.0711 0x0d24 UPS - ok
11:16:35.0758 0x0d24 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:16:35.0821 0x0d24 usbccgp - ok
11:16:35.0852 0x0d24 [ 52674B5DBEE499342A599C7771ABECAA, A8F3FB78DAB0E7187FD07CB7CEA72862DB4BC115F347ABEB9E155BB4CF34A671 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:16:35.0899 0x0d24 usbehci - ok
11:16:35.0961 0x0d24 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:16:36.0149 0x0d24 usbhub - ok
11:16:36.0196 0x0d24 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:16:36.0383 0x0d24 USBSTOR - ok
11:16:36.0446 0x0d24 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:16:36.0602 0x0d24 usbuhci - ok
11:16:36.0665 0x0d24 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:16:36.0836 0x0d24 VgaSave - ok
11:16:36.0836 0x0d24 ViaIde - ok
11:16:36.0868 0x0d24 [ 8AB662B3C4691E6DDF61C96BB5B7D103, 362142C9684A3FDA7DDBE1B2FACD7BD0FC403BF30BB549D173F6805A42C932E7 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:16:37.0040 0x0d24 VolSnap - ok
11:16:37.0071 0x0d24 [ A585EDD6965B301DE8A45C6768C7C215, A506F4C1333CDB4C48CE3571A75F3751081FBC422AEE61C927C3E9796568F249 ] VSS C:\WINDOWS\System32\vssvc.exe
11:16:37.0211 0x0d24 VSS - ok
11:16:37.0258 0x0d24 [ 99BDD2DFF6F04482B738A90D74688212, AC98F4A73DA1DB63A6DC97324CE5511B3B06E878703CEBB3FF1FB48089987C50 ] W32Time C:\WINDOWS\system32\w32time.dll
11:16:37.0290 0x0d24 W32Time - ok
11:16:37.0336 0x0d24 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:16:37.0524 0x0d24 Wanarp - ok
11:16:37.0540 0x0d24 WDICA - ok
11:16:37.0571 0x0d24 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:16:37.0743 0x0d24 wdmaud - ok
11:16:37.0805 0x0d24 [ 33D8E2812054D97A0AEC9B8F04277927, B30A5CB97B14DF9B9F94C6C9FC7A415458EDD85C46B085E0A51F304795CCF698 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:16:37.0977 0x0d24 WebClient - ok
11:16:38.0086 0x0d24 [ F9E105F369C18E4001E0C05AAF600D73, EDA4AE346832CA7D3A0AC18DFE6470B57F33C7235252E0C3D2DF2418236F443B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:16:38.0290 0x0d24 winmgmt - ok
11:16:38.0399 0x0d24 [ 250F8D15406269CB3A690B4A4859D92D, 69A60906D65680B91A907727D99794C809E00CA2C9D4C1FB3CD78CD68CE6CFA0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:16:38.0540 0x0d24 WinRM - ok
11:16:38.0602 0x0d24 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
11:16:38.0680 0x0d24 WmdmPmSN - ok
11:16:38.0758 0x0d24 [ 87F11D161207C7063EDABAC0AADC33C3, 60BD9AC3EE591DDCAEACFD085937779732A7D36513059DFB01941C98DC296504 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:16:38.0930 0x0d24 WmiApSrv - ok
11:16:39.0055 0x0d24 [ 79A01ACD485687EE602411A06B63A9A5, 60B39E95BA8389F29CEEF2A5F118ADF16E2CEE66B63A094E18A4F00C51EB3838 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:16:39.0180 0x0d24 WMPNetworkSvc - ok
11:16:39.0227 0x0d24 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:16:39.0274 0x0d24 WpdUsb - ok
11:16:39.0352 0x0d24 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:16:39.0430 0x0d24 WPFFontCache_v0400 - ok
11:16:39.0461 0x0d24 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:16:39.0649 0x0d24 WS2IFSL - ok
11:16:39.0696 0x0d24 [ 843F7FA8EA38E6A4262976DCC994C81A, E3429581BA18910CC658449EA763CE7A2EE949BD65D43B177B0402A6037C4A46 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:16:39.0868 0x0d24 wscsvc - ok
11:16:39.0930 0x0d24 [ 02E4055488047729B333F99D93877038, DE0C57AE8B828537B57D9EADEDEE3AAEBE5484A6C5A3FBE827F80987CDC0C5B2 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:16:39.0946 0x0d24 wuauserv - ok
11:16:40.0008 0x0d24 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:16:40.0071 0x0d24 WudfPf - ok
11:16:40.0102 0x0d24 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:16:40.0149 0x0d24 WudfRd - ok
11:16:40.0211 0x0d24 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:16:40.0258 0x0d24 WudfSvc - ok
11:16:40.0352 0x0d24 [ 991E417C2D3D07260757F165A8F40589, 218E373959E7865A883E22D45662F7A06C82EA6194A71C9588806A8BF38EA8CE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:16:40.0477 0x0d24 WZCSVC - ok
11:16:40.0524 0x0d24 [ FD3C38635808920F8235BF2FED642F54, 1A9218967EE6E30F6DABE026E22478067B72E59FEE2EA9CD142859F138A42CF8 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:16:40.0727 0x0d24 xmlprov - ok
11:16:40.0790 0x0d24 [ 9595EE81566A9EC4A96A6D5E2533E4F3, 175805B9A2A9F9ED60E28C6701F1F2BD933E8E38FD0A363F8B55E0666BE80FFD ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
11:16:40.0852 0x0d24 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
11:16:40.0868 0x0d24 [ 5CC069889A922ED647145FCA8371E545, D54DC22258E5A3E7AD1F475E5AAECEFD37AB581CA760CC60B32CFD6A53E9FE8C ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
11:16:40.0915 0x0d24 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
11:16:40.0930 0x0d24 ================ Scan global ===============================
11:16:40.0993 0x0d24 [ 953AD498333B03F7CE547151F96EF241, 15717B634AE15981714A7ACF02417A4EF80C72EEF355FC728E41B3DA36553434 ] C:\WINDOWS\system32\basesrv.dll
11:16:41.0040 0x0d24 [ 67F101FCFF1F46DFA9F41AD1B968509D, BDC495406582BCF5EF4BFAD307BAE59CADE230966427F54D6543F037F782AA27 ] C:\WINDOWS\system32\winsrv.dll
11:16:41.0086 0x0d24 [ 67F101FCFF1F46DFA9F41AD1B968509D, BDC495406582BCF5EF4BFAD307BAE59CADE230966427F54D6543F037F782AA27 ] C:\WINDOWS\system32\winsrv.dll
11:16:41.0149 0x0d24 [ D98A222A707FFE40043E533FE7A6BA24, D5609A1744061C1943F4ACEAD0278706FF6CF3D16AB206A38B0FC9B86B1387C2 ] C:\WINDOWS\system32\services.exe
11:16:41.0149 0x0d24 [ Global ] - ok
11:16:41.0165 0x0d24 ================ Scan MBR ==================================
11:16:41.0196 0x0d24 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
11:16:41.0461 0x0d24 \Device\Harddisk0\DR0 - ok
11:16:41.0493 0x0d24 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk1\DR1
11:16:41.0883 0x0d24 \Device\Harddisk1\DR1 - ok
11:16:41.0883 0x0d24 ================ Scan VBR ==================================
11:16:41.0899 0x0d24 [ 4C0D9503A4EC2FB404390C7EF0A74ACC ] \Device\Harddisk0\DR0\Partition1
11:16:41.0899 0x0d24 \Device\Harddisk0\DR0\Partition1 - ok
11:16:41.0915 0x0d24 [ 6853D9BB3DBC917F9E35F296FF002377 ] \Device\Harddisk1\DR1\Partition1
11:16:41.0915 0x0d24 \Device\Harddisk1\DR1\Partition1 - ok
11:16:41.0961 0x0d24 AV detected via SS1: Avira Desktop, 13.6.20.2100, disabled, updated
11:16:41.0961 0x0d24 Win FW state via NFM: enabled
11:16:44.0508 0x0d24 ============================================================
11:16:44.0508 0x0d24 Scan finished
11:16:44.0508 0x0d24 ============================================================
11:16:44.0524 0x07e0 Detected object count: 0
11:16:44.0524 0x07e0 Actual detected object count: 0
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
OK. You might want to go through your junk pile and see if you can find a good hard drive or two and then clone the sick drives so when they fail you can just change them out.

Looking at the alarms:

Log: 'System' Date/Time: 21/10/2013 10:29:00
Type: Waarschuwing Category: 0
Event: 18 Source: avgntflt
TIMEOUT<svchost.exe> C:\WINDOWS\system32\wuapi.dll

Log: 'System' Date/Time: 21/10/2013 10:28:28
Type: Waarschuwing Category: 0
Event: 18 Source: avgntflt
TIMEOUT<Kies.exe> C:\...iceProcess.resources.dll


These are from Avira. It is complaining that it tried to scan these files and it took too long. It might mean malware or it might be caused by the hard drive errors or it might just be that the PC was busy. We will let OTL look at them more closely along with the two files that Combofix is complaining about.

Copy the text in the code box:

/md5start
ntdll.dll
sfcfiles.dll
wuapi.dll
system.serviceProcess.resources.dll
/md5stop


Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.
  • 0

#10
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Visitors and the less responsble employees don't complain about the public computers so in their eyes they're working allright.

If this HD can't be used anymore we'll just swich the computer with another computer from the junkpile. I won't be switching harddrives. There's no important data on these public computers annyway. The music in Itunes is my own and is backed up a long time ago.

OTL logfile created on: 26-10-2013 15:48:21 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eigenaar\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

503,48 Mb Total Physical Memory | 291,58 Mb Available Physical Memory | 57,91% Memory free
1,20 Gb Paging File | 0,78 Gb Available in Paging File | 65,06% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,28 Gb Total Space | 16,46 Gb Free Space | 43,00% Space Free | Partition Type: NTFS
Drive D: | 38,28 Gb Total Space | 38,18 Gb Free Space | 99,74% Space Free | Partition Type: NTFS

Computer Name: EIGENAAR-PC | User Name: Eigenaar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-10-16 15:44:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
PRC - [2013-10-13 13:03:52 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013-09-19 18:50:02 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013-09-19 15:14:24 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013-09-19 15:14:07 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013-09-19 15:14:06 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013-09-19 15:14:02 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013-09-19 15:14:01 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013-08-22 06:39:36 | 000,084,576 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012-02-15 17:06:07 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013-04-21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013-04-21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013-03-24 13:17:17 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-10-10 15:57:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-10-10 10:34:45 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-09-19 15:14:24 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013-09-19 15:14:07 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013-09-19 15:14:02 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013-09-05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2008-10-02 11:22:20 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe -- (SandraAgentSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Eigenaar\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013-09-19 15:14:33 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013-09-19 15:14:33 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013-06-24 09:53:59 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2013-06-21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013-06-21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013-03-24 13:17:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011-06-02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009-08-07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2002-07-07 13:53:32 | 000,296,179 | ---- | M] (SigmaTel Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97na.sys -- (STAC97NA)
DRV - [2002-07-07 13:52:46 | 000,231,983 | ---- | M] (SigmaTel Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97nh.sys -- (STAC97NH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 1D 78 FF 7D 95 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {B16C97B2-33E0-42CA-96F9-E7A70567AA27}
IE - HKCU\..\SearchScopes\{B16C97B2-33E0-42CA-96F9-E7A70567AA27}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\CEB4644C31D947E0B8F1DB4980F8D9D4: "URL" = http://websearch.ask...1E-B2E6F28D5F18
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Wikipedia (nl)"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (nl)"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131008
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-09-19 18:53:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-09-19 18:50:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2013-03-24 17:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Extensions
[2013-10-21 11:23:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions
[2013-10-21 11:23:34 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013-09-19 17:01:48 | 000,128,676 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\[email protected]
[2013-10-21 10:32:56 | 001,333,292 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\[email protected]
[2013-10-13 13:51:12 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-03-24 17:56:32 | 000,138,614 | ---- | M] () (No name found) -- C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\rjfq1y1i.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013-09-19 16:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-09-19 17:00:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-09-19 18:53:37 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013-09-19 18:50:25 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...=UP97DF&PC=UP97,
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Google Documenten = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: Adblock Pro = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1364126438671 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.23.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBBB6759-C7E8-4871-BD0D-F6CF94A8EA25}: DhcpNameServer = 192.168.23.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Ierland.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Ierland.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-09-18 10:23:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-10-21 11:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-10b-tdsskiller
[2013-10-21 11:08:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013-10-21 10:44:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013-10-21 10:41:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013-10-21 10:41:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013-10-21 10:41:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013-10-21 10:41:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013-10-21 10:41:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-10-21 10:41:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Systeembeheer
[2013-10-21 10:41:14 | 000,000,000 | R--D | C] -- D:\Gebruikers\Eigenaar\Mijn Documenten\Mijn video's
[2013-10-21 10:41:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documenten\Mijn video's
[2013-10-21 10:40:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013-10-21 10:32:55 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-10-tdsskiller.exe
[2013-10-21 10:32:33 | 005,135,479 | R--- | C] (Swearware) -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-9-ComboFix.exe
[2013-10-16 18:07:14 | 000,000,000 | ---D | C] -- C:\FRST
[2013-10-16 17:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Speccy
[2013-10-16 17:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013-10-16 16:36:39 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4b-aswmbr.exe
[2013-10-16 16:19:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013-10-16 15:57:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013-10-16 15:46:48 | 001,087,213 | ---- | C] (Farbar) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-7-FRST.exe
[2013-10-16 15:44:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
[2013-10-16 15:40:00 | 005,552,488 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-5-spsetup123.exe
[2013-10-16 15:35:17 | 002,659,680 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4-aswmbr.exe
[2013-10-16 15:30:51 | 001,033,335 | ---- | C] (Thisisu) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-3-JRT.exe
[2013-10-13 17:36:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
[2013-10-13 14:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Revo Uninstaller
[2013-10-13 14:52:03 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013-10-13 14:51:29 | 002,623,656 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
[2013-10-13 13:51:13 | 022,143,816 | ---- | C] (Mozilla) -- C:\Documents and Settings\Eigenaar\Bureaublad\Thunderbird Setup 24.0.1.exe
[2013-10-13 12:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013-10-11 10:00:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013-10-11 10:00:10 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013-10-11 09:56:41 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013-10-11 09:56:37 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2013-10-06 14:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Foxit Reader
[2013-10-06 13:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\iTunes
[2013-10-06 13:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013-10-06 13:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013-10-06 13:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-10-26 15:57:00 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D00FDB6F-8963-405A-804E-BB510CC46110}.job
[2013-10-26 15:41:57 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
[2013-10-26 15:41:54 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1614895754-879983540-1606980848-1003.job
[2013-10-26 15:38:00 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-10-26 15:37:46 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-10-26 15:37:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-10-25 16:09:00 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-10-25 15:33:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-10-21 11:11:26 | 004,101,145 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-10b-tdsskiller.zip
[2013-10-21 10:44:35 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013-10-21 10:32:47 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-10-tdsskiller.exe
[2013-10-21 10:32:15 | 005,135,479 | R--- | M] (Swearware) -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-9-ComboFix.exe
[2013-10-21 10:30:42 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-8-VEW.exe
[2013-10-16 17:34:08 | 000,000,550 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Snelkoppeling naar aReebok Maintenance.lnk
[2013-10-16 16:37:53 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4b-aswmbr.exe
[2013-10-16 15:46:49 | 001,087,213 | ---- | M] (Farbar) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-7-FRST.exe
[2013-10-16 15:44:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-6-OTL.exe
[2013-10-16 15:40:04 | 005,552,488 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-5-spsetup123.exe
[2013-10-16 15:35:18 | 002,659,680 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-4-aswmbr.exe
[2013-10-16 15:30:52 | 001,033,335 | ---- | M] (Thisisu) -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-3-JRT.exe
[2013-10-16 15:28:37 | 001,048,960 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-2-AdwCleaner.exe
[2013-10-13 17:36:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eigenaar\Bureaublad\13okt2013OTL.exe
[2013-10-13 14:52:04 | 000,000,924 | ---- | M] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
[2013-10-13 14:51:25 | 002,623,656 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Eigenaar\Bureaublad\revosetup.exe
[2013-10-13 14:27:18 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2013-10-13 13:53:46 | 000,001,675 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
[2013-10-13 13:51:43 | 022,143,816 | ---- | M] (Mozilla) -- C:\Documents and Settings\Eigenaar\Bureaublad\Thunderbird Setup 24.0.1.exe
[2013-10-13 12:30:39 | 000,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-10-11 13:11:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-10-11 13:01:17 | 000,552,774 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2013-10-11 13:01:17 | 000,481,188 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-10-11 13:01:17 | 000,100,822 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2013-10-11 13:01:17 | 000,079,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-10-10 10:34:36 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-10-10 10:34:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-10-06 14:53:53 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
[2013-10-06 13:49:19 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-10-21 11:11:20 | 004,101,145 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-10b-tdsskiller.zip
[2013-10-21 10:44:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013-10-21 10:44:28 | 000,261,936 | RHS- | C] () -- C:\cmldr
[2013-10-21 10:41:39 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013-10-21 10:41:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013-10-21 10:41:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013-10-21 10:41:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013-10-21 10:41:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013-10-21 10:31:30 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Eigenaar\Bureaublad\21okt2013-8-VEW.exe
[2013-10-16 17:34:08 | 000,000,550 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Snelkoppeling naar aReebok Maintenance.lnk
[2013-10-16 15:28:33 | 001,048,960 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\16okt2013-2-AdwCleaner.exe
[2013-10-13 14:52:04 | 000,000,924 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Bureaublad\Revo Uninstaller.lnk
[2013-10-13 13:53:46 | 000,001,675 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Mozilla Thunderbird.lnk
[2013-10-06 14:53:53 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Foxit Reader.lnk
[2013-10-06 14:53:51 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll
[2013-10-06 13:49:19 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\SiSoftware Sandra Lite 2013.SP6.lnk
[2013-09-24 14:48:32 | 000,131,222 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013-06-25 11:33:41 | 000,124,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-06-24 13:55:54 | 013,709,312 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Application Data\Sandra.mdb
[2013-04-18 19:07:00 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013-04-18 19:06:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013-04-18 19:06:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013-04-18 19:06:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013-04-18 19:06:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013-03-24 16:06:58 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Eigenaar\Local Settings\Application Data\fusioncache.dat
[2012-09-18 12:13:39 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-09-18 11:12:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-09-18 10:31:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-09-18 10:19:50 | 000,021,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-02-15 17:16:19 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

========== ZeroAccess Check ==========

[2013-03-24 15:09:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012-02-15 17:06:50 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-02-15 17:06:07 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 23:32:46 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< MD5 for: NTDLL.DLL >
[2010-12-09 16:15:54 | 000,739,328 | ---- | M] (Microsoft Corporation) MD5=9011D64E9090247C04EE767ED6C7B4BE -- C:\WINDOWS\system32\ntdll.dll
[2004-08-04 01:03:00 | 000,729,088 | ---- | M] (Microsoft Corporation) MD5=A558BE062173291AA6BB94D9FCB8FA7F -- C:\cmdcons\SYSTEM32\NTDLL.DLL

< MD5 for: SFCFILES.DLL >
[2012-02-15 17:09:46 | 001,571,840 | ---- | M] (Microsoft Corporation) MD5=660868E1371697C652CFC9C1CB98B371 -- C:\WINDOWS\system32\sfcfiles.dll

< MD5 for: WUAPI.DLL >
[2012-06-02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) MD5=1A617835452EEE5060976C9B9F5FE635 -- C:\WINDOWS\system32\dllcache\wuapi.dll
[2012-06-02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) MD5=1A617835452EEE5060976C9B9F5FE635 -- C:\WINDOWS\system32\wuapi.dll

========== Files - Unicode (All) ==========
[2013-10-26 15:44:48 | 103,108,672 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⛝砼召6
[2013-10-26 15:44:48 | 103,108,672 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⛝砼召6
[2013-10-20 11:11:54 | 101,983,560 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\噜⠶召6
[2013-10-20 11:11:54 | 101,983,560 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\噜⠶召6
[2013-10-17 08:59:38 | 101,413,064 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\縳흡召6
[2013-10-17 08:59:38 | 101,413,064 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\縳흡召6
[2013-10-14 11:41:23 | 100,838,232 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಣ並召6
[2013-10-14 11:41:23 | 100,838,232 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ಣ並召6
[2013-10-11 09:57:55 | 100,446,413 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᙈ⬨召6
[2013-10-11 09:57:55 | 100,446,413 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᙈ⬨召6
[2013-10-10 09:43:44 | 100,221,909 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\丷ꞛ召6
[2013-10-10 09:43:44 | 100,221,909 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\丷ꞛ召6
[2013-10-09 09:57:56 | 100,120,694 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䘠凹召6
[2013-10-09 09:57:56 | 100,120,694 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䘠凹召6
[2013-10-08 15:14:16 | 099,859,239 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\顶隱召6
[2013-10-08 15:14:16 | 099,859,239 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\顶隱召6
[2013-10-06 12:51:53 | 099,399,748 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\뎔淅召6
[2013-10-06 12:51:53 | 099,399,748 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\뎔淅召6
[2013-09-26 07:38:25 | 097,892,804 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\偕召6
[2013-09-26 07:38:25 | 097,892,804 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\偕召6
[2013-09-25 09:36:53 | 097,673,008 | ---- | M] ()(C:\WINDOWS\System32\O??6) -- C:\WINDOWS\System32\O↫召6
[2013-09-25 09:36:53 | 097,673,008 | ---- | C] ()(C:\WINDOWS\System32\O??6) -- C:\WINDOWS\System32\O↫召6
[2013-09-24 10:16:35 | 098,852,061 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ꅓ먔召6
[2013-09-24 10:16:35 | 098,852,061 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ꅓ먔召6
[2013-09-23 10:47:51 | 098,615,842 | ---- | M] ()(C:\WINDOWS\System32\?s?6) -- C:\WINDOWS\System32\s召6
[2013-09-23 10:47:51 | 098,615,842 | ---- | C] ()(C:\WINDOWS\System32\?s?6) -- C:\WINDOWS\System32\s召6

< End of report >


OTL Extras logfile created on: 26-10-2013 15:48:21 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eigenaar\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

503,48 Mb Total Physical Memory | 291,58 Mb Available Physical Memory | 57,91% Memory free
1,20 Gb Paging File | 0,78 Gb Available in Paging File | 65,06% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,28 Gb Total Space | 16,46 Gb Free Space | 43,00% Space Free | Partition Type: NTFS
Drive D: | 38,28 Gb Total Space | 38,18 Gb Free Space | 99,74% Space Free | Partition Type: NTFS

Computer Name: EIGENAAR-PC | User Name: Eigenaar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service -- (Apple Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\RpcSandraSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld
"{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{2869F5EA-93C3-48E5-80DF-DB696BC84A91}" = Windows Live Mail
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CA031C-D3CD-4A28-8D9B-C71466C4F045}" = Windows Live Writer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}" = Windows Live Photo Gallery
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A1027CE-83F6-3CB2-B9BA-9DA38D0907D0}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C169BD5F-00C1-437C-8162-88FA6BE495D5}" = OpenOffice.org 3.4.1
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP6
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DCAEC601-735C-41AE-B84F-D792F09FB7D1}" = WOT for Internet Explorer
"{E05D82D8-FE70-4228-B073-B0C07FE27595}" = iTunes
"{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync
"{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F73EA8BF-81F5-32AF-8D8A-24F12FD23B79}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"Mozilla Firefox 24.0 (x86 nl)" = Mozilla Firefox 24.0 (x86 nl)
"Mozilla Thunderbird 24.0.1 (x86 en-US)" = Mozilla Thunderbird 24.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROSet" = Intel® PRO Ethernet Adapter and Software
"RealPlayer 16.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.95
"SigmaTel C-Major" = SigmaTel C-Major Audio
"Speccy" = Speccy
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Applicatie Detect

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25-10-2013 6:23:35 | Computer Name = EIGENAAR-PC | Source = Application Hang | ID = 1002
Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

[ System Events ]
Error - 24-10-2013 5:44:36 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: COM-service voor IMAPI cd-branders.

Error - 24-10-2013 5:44:37 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7000
Description = De COM-service voor IMAPI cd-branders-service kan vanwege de volgende
fout niet worden gestart: %%1053

Error - 25-10-2013 6:21:38 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: COM-service voor IMAPI cd-branders.

Error - 25-10-2013 6:21:39 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7000
Description = De COM-service voor IMAPI cd-branders-service kan vanwege de volgende
fout niet worden gestart: %%1053

Error - 26-10-2013 9:41:30 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7023
Description = De iPod-service-service is gestopt met de volgende foutcode: %%2147549465.

Error - 26-10-2013 9:41:43 | Computer Name = EIGENAAR-PC | Source = DCOM | ID = 10010
Description = De server {063D34A4-BF84-4B8D-B699-E8CA06504DDE} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 26-10-2013 9:41:47 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: Application Layer Gateway-service.

Error - 26-10-2013 9:41:47 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7000
Description = De Application Layer Gateway-service-service kan vanwege de volgende
fout niet worden gestart: %%1053

Error - 26-10-2013 9:42:15 | Computer Name = EIGENAAR-PC | Source = DCOM | ID = 10010
Description = De server {063D34A4-BF84-4B8D-B699-E8CA06504DDE} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.


< End of report >

Edited by Admirgency, 26 October 2013 - 08:18 AM.

  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
I don't think there is any malware left on this one. Just the hard drive failing. You have several services which are not starting like they should.

Error - 24-10-2013 5:44:36 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: COM-service voor IMAPI cd-branders.


Error - 26-10-2013 9:41:30 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7023
Description = De iPod-service-service is gestopt met de volgende foutcode: %%2147549465.

Error - 26-10-2013 9:41:47 | Computer Name = EIGENAAR-PC | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: Application Layer Gateway-service.



You could go into Services and change them all to Manual but if no one care about this PC I'd just leave it as it is.
  • 0

#12
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
IN MEMORIAM : JAN BEUKENS.

Jan was one of leading employees amongst our towns homeless-projects. For citizens and illegal immigrants/refugees alike. To me he was one of 3 pillars i could always lean upon in the past decade when i received counter-productive medication from various psychiatrists. Without Jan i would not've been able to shed my psychiatric problems & come clean of crackware on my computers nor come clean of drugs. I would not be able to do the work i do now. Without Jan Beukens i might not have lived anymore for without him the projects where i also encountered my other 2 pillars of moral & spiritual support might not have survived.

Sorry for the confusion, because of the time passed and the modem/router-passwords i'll write now about all 3 computers. I'll highlight in bold text that is specified for this computer. And when i come around to it i'll copy/paste parts of this text to the threads for the other 2 computers.

Early sunday-evening last week i was almost ready updating the public computers when i got a phonecall from Spain, where my boss is on holiday. Our substitute payed coördinator doesn't know our town yet while i am familliar with clients, volunteers, payed employees and board-members. I had to phone the message about the demise of Jan Beukens around and make some quick prints.

With this death being the worst, every time in the past weeks where i thought i'ld have time to work on the computers something happened. F.e. our board-members forgot to tell the substitute payed coördinator she was hired again and likewise i heard the news of our boss going on a holiday via other ppl. We got assurance only on the very last workingday of our boss. While i came to work extra early to work on the computers, the boss had made a double appointment and was late for both. Furthermore the garden was made winter-ready (and i have 3 more gardens to work on), there were repairs to the building needed for the winter (homeless evening-shelter), extra repairs because of agression, multiple thefts from visitors amongst each-other and so on. These last weeks i did not have much time for the computers and the time i had planned went up on all kinds of extra events. (And i'm not so crazy anymore to flee into working a 100 to 120 hours a week).

3 weeks ago i opted to change the passwords on our routers (1 wireless and 1 wired). I found we have no installation-disks (with user-manuals) for the routers we use but for 1 different router. Thus i had to study on the manufacturers websites. I could not get in via the wired computers so i tried a hard reset. I had taken the wired router for the public computers offline but wile resetting the wireless router the somewhat less responsable employee plugged the wired router + public computers back in. Then only the office-laptop could get in via the routers pin-code (and not directly via password nor via IPadresses). The password i then received was not our own nor the manufacturers password. The manufacturers websites warned me against changing router-settings via a wireless connection but in hindsight i wished i'ld done so indeed. why you say?

1 of our visitors brought in a laptop he couldn't get in, together with a Dongel (KPN prepaid Inet) that didn't work. My boss tried it on his Android and immediately lost Internet-connection instead of gaining another-one. I looked at the dongel on public computer no. 2 (sorry for installing its software). Next day my boss had connection again most of the time, be it a very weak signal while right next to his Android the office-laptop had strong signal. Quick check of the visitors laptop learned me it wasn't taken hostage. And that visitor received a new Dongel from the KPN-shop because the shop where he bought it gave him an outdated Dongel. I took the visitors laptop home to work on it. His Windows needed repair and a lot of registry-scanners and AV (+ their start-pages + theirs & some more search-engines + theirs & some more toolbars) had to be uninstalled. Mbam as well as Eset and MS online scanners deemed it free of any malware. So malware from the visitors laptop most likely was not the reason the public computers lost LAN-connection for one day also.

On top of all that a prankster visitor messed with the screen-settings of public computer no. 1 (this-one) so much that i couldn't get into the screens menu anymore. Not risking any employee or visitor plugging it in again, i took the cables (electric & Lan) from those computers + router and locked them up.

Sunday the 17th of November Microsoft Security Updates, this Computer updated everything as should be.
However both public computers – after Security Updates for Microsoft-software – could not update non-MS software from Filehippo. Public comp no. 2 has Secunia PSI installed but Filehippo is official mirror for Piriform Ccleaner, Speccy and Defragler. Publ. comp. no 1 (this comp) has Filehippo Update Checker installed and as far as it didn't need to update from the Filehippo website and the right updates were presented, the updates roled in. I don't know why i could not update from Filehippo website. The Ccleaner-version via Filehippo was a higher version then the "same" update on the other computer via Secunia PSI. Filehippo Update Checker also presented Open Office Bèta version 3.4.0 While end-user-version 3.4.1 was already installed and needed updating to 4.0.1. Last but not least Filehippo deemed Realplayer up to date while a manual check with Realplayer build-in updater showed an update. (Secunia PSI on the other comp had some more failures then written here) (no update-checker installed on the office-comp). conclusion : something is wrong with the update-checkers on these 2 public computers.

Thursday evening the 21st i took another look at the router-passwords (had to, winter-evening-shelter for the homeless started earlyer then planned). I Still could not get in. Where after a hard reset i previously got a new password for the wireless router with its pincode - on the laptop - that option now could only be used for the modem. Despite the laptop recieving new connection to our wireless network.
I called in a friend (i'ld normaly hesitate to call him for he still uses crackware, but hey, that's another story, if it weren't for his financial and psychiatric caretakers i would've gotten him to use only legal software a few years ago). Via his Samsung Galaxy he found the IP's for modem the same as for the wireless router but changing the routers IP didn't work as expected either. We took the wireless (primary) router out of the equation for the modem has wireless connection also and no porn/pornchat/gambling-website using visitor gets to use wifi anyway (for now, but the password will be passed on, can't stop that) (the secondary router for the public computers is Lan only).

Friday i've been updating one of our reserve-computers for SMO (combined homeless shelters), who now coördinate our winter-evening shelter, wants a third public computer to be available. It doesn't look like there's malware present but i'll have to run something like Eset Online & Mbam or maybe i'll have time to run dr. Web from BootCD, to be sure before i let our visitors loose on it. Saturday sunday and monday i've been working on the office-computer. well.... working.... scanning and cleaning took a lot of time in which i could also help preparing & cleaning the building for our winter-evening homeless shelter and in the evening act as an extra volunteer.

OTL & SiSoftware Sandra Light are already uninstalled (Sandra is not used via GeeksToGo but it is to powerfull for the visitors to let linger around. Concerning Combofix : The Command-line on this computer is set standard to "C:\Documents and Settings\eigenaar>" and i did not manage to Change Dir(ectory) to "C:\".

Are there any special instructions for removing the other tools used?
AdwareCleaner, JRT, Aswmbr, Speccy, Kaspersky TDSSkiller, VEW, GMER, FRST.



Thank you for your efforts and again sorry it took such a long time for me to resume the 3 threads i have opened.

Edited by Admirgency, 25 November 2013 - 12:30 PM.

  • 0

#13
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Superpatchtuesday. Early at work for theWindows Security Updates i finaly had them installed at 12 'o clock and 15:55 h for resp public comp no. 1 and 2, and did not get around to updating the office-pc. Lovely to know how rewarding my line of work is, after 8 hours of computing with lunch and early dinner while continuing work, and then have visitors of our evening-shelter be mad and swearing & 1 even threatening because i needed another half our after evening-shelter opened. Proud i've never been like that when i lived on the streets. How could i, in my time there was no shelter or social work at all. (The more help they get, the more ppl in denial think they can blame on the social workers atl, therefore the longer their lives remain a mess).

(Avira updated immediatly). Quick search for only the essential updates didn't work for the public computers while the office-laptop updated without a glitch. I let it run for 5 quarters of an hour and all that time the systemtray-icon for the updates indicated 0 % downloaded. Then on public comp no 1 i switched auto-updating to 10 'o clock, noticed it's internal clock ran 6 minutes in the future and synchronised it, and then waited for the updates to roll in automaticly. To no avail.

After half an hour waiting i ran another quick search, gave up after about half an hour and then ran the search for updates with non-essential updates included. That did it, all essentials roled in and installed. After reboot the clock clearly had been running too fast again (and that's on an old batery).

Lastly i checked all installed programs manually for updates (didn't use FileHippo Update Checker). Hey, is Winamp gonna stop? New winamp version means new OpenCandy adware. Avira didn't catch that and neither did Mbam, though during installation of kb 2898785 Avira cought an ADWARE/Adware.Gen in \roler_Coaster_Tycoon_2_full_pc_Downloader(1).exe. Avira cought 1 more of them in an iPumper-installer and again 1more in recycling-bin. Don't have the specifics of them as i write this at home and not at work. The latter 2 were cought while running Mbam. Very anoying to have to pauze the Mbam scan because the system can not handle 2 scans and Avira needs to scan the complete system when removing an infection cought by real-time protection. Mbam found a PUP, don't have those specifics with me either. I'll give them tomorrow, they weren't Winamps OpenCandy as far as i know).

In the afternoon and evening in guest-account, this computer was extremely slow.

At 15:55 h they finally were installed also on public computer no.2. By this time i was half an hour late for my evening job, but hey, today that was at the same place as my day-job and i already had an excessive meal of supermarket-ögarbageö brought in by a guest and cooked by our Polish hostess.



  • 0

#14
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Today there's no chance of replacing one of the public computers with the spare computer i've been working on. It's got dammaged csrss.exe- and rundll32.exe-processes. I hope i damaged that myself somewhere between uninstalling old Adobe Flash + Avira (don't have the password, uninstalled according to Avira FAQ) and installing new Adobe Flash (player & ActiveX) + Agnitum Outpost Security Suite (freeware) + the MS Security updates, and that it is not malware.

New hope : after many months of remarks and discussions from myself + the other computer-savy employee to our boss, he finally realizes he needs to advise the board-members of the comming new organisation to hire more competent computer-caretakers. Allas they'll probably still use freeware AV but on the other hand they'll be ordered to implement a server-network and give visitors access only to keyboard mouse screen and headset and nothing else).

11 dec 2013.
The Adware cought by Avira RT prot. during installation of kb 2898785 :

ADWARE/Adware.Gen in \roler_Coaster_Tycoon_2_full_pc_Downloader(1).exe.

Adware cought by Avira RT prot. while running Mbam :
ADWARE/Adware.Gen in C:\Documents and Settings\......ipumperinst.exe
1 more ADWARE/Adware.Gen in \roler_Coaster_Tycoon_2_full_pc_Downloader(1).exe. (Ships, i thought i'ld written down it's full path but apparently i didn't) ;
ADWARE/Adware.Gen in C:\System Volume Information\......\A0064413.exe.

Detected by Mbam : PUP.casino in C:\RECYCLER\s-1-5-.....\Dc.exe.


Thursday 12 dec
Detected by Avira RT Prot.
the next day, 5 min before closingtime of our evening-shelter (thus that one visitor needed to swear and threaten again however another excelent meal from supermarket-"garbage" made it bearable) :
TR/Drop.Softomat.AN in C:\System Volume Information\......\A0064417.exe.
I ran Avira full scan, that didn't find any real threat. 88 warnings were mostly about SySoftware Sandra Light and a handfull of OTL, + 1 warning about iPumper.

Edited by Admirgency, 13 December 2013 - 01:10 AM.

  • 0

#15
Admirgency

Admirgency

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Extra Essential Microsoft Update for .Net Framework 2.0 sp2 (19th of dec for XP, 16th for Vista) installed OK.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP