Hensyr

Dank je voor deze uitleg, ik ga dit zeker in mijn overweging mee nemen. Doch is het de bedoeling nu een kant en klare pc te kopen die niet meer hoeft getest te worden, mocht blijken dat bepaalde onderdelen niet afdoende hun werk doen en ik moet upgraden naar betere onderdelen, gaat de gehele opzet naar budget in vlammen op. De grafishe core in de i5 processor moet toch sterk genoeg zijn om 8 tot 9 uur per dag, 7/7 dagen en het ganse jaar door te presteren, daarbij komt nog dat de pc continue zal draaien en alleen bij eventuele updates, onderhoud (ontstoffen) of hospitaal opname de pc eens zal uitgezet worden. Daarbij moet die pc minstens 5 jaar meegaan, dus ook de HDD moet dit aankunnen! Dat daarbij een deftige voeding moet zitten met goede koeling hoeft geen verdere uitleg, dus misschien moet ik het hele budget nog maar eens overzien...hehe amaai dit gaat me geld kosten! Ondertussen heb ik ook al eens met Alternate zelf contact opgenomen, omdat de pc builder op hun website niet up to date zou zijn en het spijtig is een pc te configureren met onderdelen die makkelijk door een nieuwere generatie onderdelen kunnen worden geconfigureerd voor het zelfde geld. Ik hoop op goede reacties in dit forum en van Alternate. Hartelijke dank om uw reactie en het feit dat je me verder wil helpen.

Beste Stegisoft, Het is zeer jammer te vernemen dat je liever geen configuratie doet bij Alternate omdat de website (pc builder) niet aangepast is aan de nieuwe norm met vierde generatie Intel processors. Langs de andere kant is wachten tot Alternate zijn webpagina aanpast aan die nieuwe onderdelen niet echt bevorderlijk om mijn echtgenote haar geduld op de proef te stellen. Het is dan al een oude pc waarop ze nu speelt en af en toe een fatal error in een raid geeft algauw tot gevolg dat men beslist je eruit te gooien en dat mijn lieve Stegisoft geeft tot gevolg dat Viviane haar reputatie van goede DPSer naar de maan gaat en ik het gezeur krijg. Dus als het enigszins kon mag je mij gerust een andere aanbeveling doen van andere pc builders die wel al de nieuwe generatie CPU' s hebben. De enige voorwaarde is dat ik direct moet kunnen bestellen en betalen met Bancontact! Het hoeft voor mij ook niet een Intel cpu te zijn maar eventueel AMD mag ook, ik ben niet zo gebonden aan merken, als de prestaties maar voldoen aan een goede gamer' s pc. Heb jij er weet van dat de nieuwe componenten bij Alternate reeds aanwezig zijn in de winkel? Misschien moet ik dan maar eens een bezoek brengen aan de winkel ter plaatse en daar mijn uitleg doen? En wat vond je eigenlijk van de configuratie die ikzelf eerst had voorgesteld, is die te doen of is die helemaal niet goed? Graag uw mening a.u.b. Groeten, Hensyr

Dag Miksel12, Je hebt echt wel moeite gedaan om ronde de prijs te blijven, proficiat hiervoor! Maar... zoals Stegisoft al zegt, er zijn twee moederborden geselecteerd. En er is een component (moederbord MSI B85M-G43) bij zonder technische uitleg van Alternate zelf zodat ik geen evalutie naar mogelijkheden en prestaties kan maken. Heb jij enige ervaring met dit moederbord dat de reden kan zijn van je keuze of was het alleen de prijs die je keuze heeft bepaald? Ja mag gerust wat uitleg geven bij de configuratie van een low budget game pc, dan kan ik volgen waarom je voor die component kiest. Groeten, Hensyr

Dag Miksel12, Dank u om een poging te ondernemen mij hierbij te helpen maar de link die je aangaf bevat geen samenstelling. Ik kan dus jouw samenstelling niet evalueren. Groetjes, Hensyr - - - Updated - - - Dag Stegisoft, Wil dit dan zeggen dat ik via de pcBuilder van Alternate geen goede samenstelling kan doen met de huidige componenten die daar nu wel opstaan? Moet ik dan wachten tot de pcBuilder van Alternate is aangepast aan de nieuwe componenten? En wat vond je van de samenstelling die ik zelf heb voorgesteld? Is dit een goede gamers pc samenstelling of kan het beter voor die prijs? Graag uw mening a.u.b. Van Socket nummers of maten heb ik geen kaas gegeten, daar snap ik eigenlijk weinig van, daarom heb ik ook dit toppic geopend. Groetjes, Hensyr

Beste Kweezie Wabbit, Als ik u niet had dan ging ik het hier nog lang niet goed hebben gekregen. Die OOBE file was inderdaad verdwenen en zorgde ervoor dat de oude versie niet kon vervangen worden door een update met de nieuwere versie. Dank zij uw link heb ik het Fix it tooltje kunnen gebruiken om die hele MSE eraf te gooien. Maar ik heb geen zin meer om het er opnieuw op te zetten Heb jij een voorstel om een goede gratis antivirus te gebruiken?

PC opnieuw opgestart, alles loopt vlot, geen meldingen gekregen. Microsoft Security Essentials moet ik wel nog via start / zoekvenster intypen en starten - - - Updated - - - Ondertussen heb ik ook een nieuwe toppic geplaatst voor advies van een nieuwe game computer voor Viviane. Ben eens benieuwd Voor deze computer ga ik een nieuwe voeding moeten aanschaffen denk ik om die BSOD' s kwijt te geraken - - - Updated - - - [ATTACH]26464[/ATTACH] is een eventviewer tekst, als je eens tijd mocht hebben. Hopelijk wordt ik er wat wijzer uit, maar toch blijkt er heel wat fout te gaan op deze pc

Arcsoft fotoimpression, een programma dat was meegeleverd met weer een ander programma, alhoewel ik niet meer weet met welk programma dat was meegeleverd heb ik het toch op de website van Arcsoft zelf kunnen downloaden. Gedownload en geïnstalleerd, kreeg geen melding tijdens de download dat het programma er reeds op stond. Hopelijk zou dit dan opgelost moeten zijn. Ik ga de computer eens heropstarten en zien wat er komt

dag forumleden, graag zou ik voor mijn echtgenote een nieuwe gamerspc willen aankopen ik heb reeds bij alternate geprobeerd maar sommige onderdelen passen dan weer niet in de configuratie. doch heb ik wel enkele voorkeuren wat die configuratie betreft zoals de case die mijn echtgenote reeds heeft uitgekozen zoals de Sharkoon Tauron red edition en een besturings programma Windows 7 Ultimate 64 bit om de gehele ram geheugen te gebruiken en tegelijk ook de mogelijkheid hebben bepaalde persoonlijke aanpassingen uit te voeren die in een Home edition niet mogelijk zijn als Admin even het lijstje afgaan van het stappen plan: Waarvoor heb ik een PC nodig ?: vooral om World Of Warcraft op te spelen minimale systeem vereisten voor WOW (Mists of Pandaria) zijn: -Windows 7 (latest service pack) -Intel Pentium D or AMD Athlon 64x2 -INVIDIA GFORCE 6800 or ATI Radeon x1600 Pro (with 256 mb) -25 GB free space -2 GB ram -Broadband Internet -screen resolution 1024 x 768 Natuurlijk willen we wel even naar de toekomst kijken en zullen nieuwe patches of nieuwe uitbreidingen van WOW wel zwaardere systeem eisen kunnen stellen, of als Viviane dan toch eens een nieuw game wil uitproberen dat zwaardere systeem eisen stelt moet deze pc ze toch wel vlotjes aan kunnen. Trouwens dit zijn de systeem eisen die al jaren op hun verpakking staan! Komt er nog bij dat Viviane heel slecht zicht heeft en een reusachtig TV scherm heeft waar zij nu met een Medion Akoya pc vlot WOW op speelt maar de pc is 8 jaar oud nu en ik wil niet hebben dat ze een dag verliest van haar kostelijke tijd! hm... het is misschien toch noodzakelijk even te vermelden dat Viviane 7/7 365 dagen per jaar WOW speelt en dat heeft zo zijn redenen vanwege haar lichamelijke beperkingen die op z'n zacht gezegt niet bestaan in de wereld van WOW dus een degelijke pc die niet uitgezet wordt en minstens 8 tot 9 uur per dag WOW vlot moet laten lopen. Wat is mijn budget ? Niet zo denderend veel 850 tot max 950 € is het budget dat ik kan vrijmaken Een merkcomputer of een samenstelling ? dat is een goede vraag waarop ik eigenlijk geen duidelijk antwoord kan op geven: - fabrikanten die pc' s kant en klaar presenteren zijn doorgaans goed voor alledaags gebruik, filmpje, game, nieuws, e-mail, office enz... maar als je echt een goede gamer pc wil zit je al gauw aan prijzen die echt de pan uit reizen van 1500 tot 2000 € en dit kan ik niet betalen - langs de andere kant heb ik vernomen dat Alternate een zeer goede reputatie heeft en al zegt de naam het zelf, heel goede alternatieven kan bieden, blijft wel de vraag of je dan ook nog een goede garantie en nazorg hebt al er iets fout gaat. laten we het zo hebben dat ik voor een samenstelling kies en hoop dat het niet fout gaat na een paar maanden! Ga ik overklokken ? Neen, daarom wou ik meteen ook graag dat het systeem toch wel enkele jaren kan meegaan met systeem vereisten die ons te wachten staan, al denk ik persoonlijk niet dat men nog veel zwaarder gaat gaan dan nu al het geval is bij sommige game' s De CPU zou toch naar mijn mening het liefst minimaal 3400 tot 3600 MHz moeten draaien of als het in het budget past meer 3800 of 4000 MHz maar dat wordt dan misschien een utopi hehe Ga ik later upgraden ? ik hoop van niet, maar zoals ik eerder al zei kan het zijn dat systeem vereisten zwaarder worden en hoop ik dat de cpu het een tijd volhoud, misschien zal ik wel de videokaart moeten vervangen omdat hij nu al een heuse TV moet aan kunnen en vele uren dag na dag moet runnen die TV waar ik steeds op terug keer is een LG Plasma TV 42" (100 cm)en heeft een HDMI 1.3 aansluiting en een RGB In (D-sub 15pin) - PC aansluiting de resolutie is niet denderend maar kan erdoor: 1024 x 768 Heb ik al die nieuwe functies wel nodig ? Momenteel heeft ze een World Of Warcraft muis met vele opties en een G15 gamers toetsenbord met tal van macro knopjes en een verlichting op de toetsen, een 2.0 usb poort voor deze toestellen is dus echt geen overbodige luxe plus usb poorten voor allerhande randapparatuur (zoals printer, camera, luidsprekers, sticks voor readyboost enz...) zorgt er nu al wel voor dat er 6 usb poorten in gebruik zijn aan de achterkant van de huidige Medion Akoya Ik weet dat men af en toe eens een nieuwe gamers muis en toetsenbord presenteren voor de hardcore gamers van WOW en het zou me dan ook niet verwonderen dat men dan wel 3.0 usb poorten zal willen hebben als die dingen snel moeten reageren (ingame) Ik zou minimaal 4 usb 2.0 poorten achteraan de case zetten en als het kan minstens 2 usb 3.0 poorten een kaartlezer is dan weer niet nodig een Solid State Driver (SSD) zou misschien in de toekomst mogen worden toegevoegd maar is nu nog niet nodig, alhoewel ik er sterk voorstander voor ben om daar mee te gamen wat snelheid betreft een Hard Disk Driver (HDD) van minstens 2 TB en 7200 toeren is dan weer geen overbodige luxe en liefst verdeeld in partities C: voor het besturingsprogramma D: voor de programfiles E: voor my documents waar in dit laatste een gigantische verzameling screenshots van WOW zullen worden in bewaard, en ik zeg niet voor niets een gigantische verzameling als je weet dat Viviane realy love' s her charackter en ongeveer een 30 tal screenshots per week maakt sinds het jaar 2005! Ga ik zelf assembleren ? Mijn lieve god neen, alhoewel ik dit zeer graag zou doen, ik pruts al aan computers sedert de commodore 64 en mijn vingers jeuken als gek om dit zelf te doen, maar voor mijn echtgenote is dat niet goed genoeg en ze heeft gelijk! Ik ben geen professionele samensteller en dan nog zou ik het hier ook niet aan jullie vragen me te assisteren mocht ik er zelf genoeg van weten, voor mijn echtgenote moet ze het gevoel hebben dat ik het heel serieus aanpak en dan moeten er specialisten hun hoofd er over gebogen hebben. Dat is als compliment bedoeld hé! Heb ik een besturingssysteem nodig ? Ja, Windows 7 Ultimate 64 bit versie Ga ik zelf installeren ? Installeren van Windows is niet zo moeilijk maar ik denk dat de verkoper dat niet zo maar los verkoopt en zelf de installatie zal doen + dat Alternate zelf ook nog wel wat monitorings software zal insalleren dus laat ik dit toch wel aan Alternate zelf over Heb ik een voorkeur aan onderdelen ? T' ja als je zo slim bent als ik en aan je echtgenote zegt waar je de case kan zien (Alternate pcbuilder) dan heb je pech natuurlijk en ze heeft gekozen voor de Sharkoon Tauron red (er zit trouwens een mooi filmpje bij op de website van Alternate die ervoor gezorgt heeft dat Viviane direkt verkocht was), deze zal het dus moeten worden. En natuurlijk genoeg koelers omwille van de vele uren dat deze pc tegemoet gaat gaan. Minstens 8 GB ram geheugen, dan kan ik die readyboost stick' s die nu in haar pc zitten terug krijgen Heb ik nog randapparatuur nodig ? Neen, ze heeft dan al genoeg zekers? WOW muis, tv van 100 cm, G15 toetsenbord, 6 usb poorten, Mercury camera, Canon Printer, Technics speaker system, Kerstverlichting boven haar hoofd, dikke bureaustoel, zwarte bureau die zo groot als de eettafel is, vast tapijt onder haar voetjes...Het mag dan ook al eens stoppen zekers, en ik? en je moet het haar ook niet vragen! Voor de rest zie ik haar heel graag, hou van haar en zal hier dadelijk de pagina mogen vernieuwen want heb zonet nog twee pannekoeken voor haar gebakken... een gouden hart hé, ja ik weet het maar ik moet het wel kunnen blijven betalen. Heb ik specifieke wensen ? Als de case maar juist is en Viviane nog jaren WOW kan gamen zal je haar heel gelukkig maken, het is alles wat ze nog heeft in dit korte leven en af en toe (heel veel eigenlijk) een dikke kus meer wil ze niet. Als er genoeg fans inzitten voor de koeling mag dat wel wat lawaai maken, als ik haar aanspreek hoort ze me niet eens, kan je je voorstellen dat die geluidskaart genoeg moet presteren om die versterker te voeden van haar speaker woofer systeem Woont u in Nederland of België, wil u bestellen bij een specifieke (web)winkel ? België, en liefst bij de goedkoopste, betrouwbaarste... (Alternate misschien?) als het maar goed in elkaar steekt en werkt de komende 5 jaar. Heel belangrijk!: ik moet het online kunnen bestellen en direct ook met Bancontact online kunnen betalen, dus geen PayPal, Ideal, CollectAndPay of andere betaaldinges, dat is de enige voorwaarde. Dus Azerty valt hierdoor al uit de boom met IDEAL.(spijtig geen korting). Zelf ook eens geprobeerd bij Alternate een game pc bij elkaar te sprokkelen, ik zou het erg op prijs stellen mochten jullie er eens naar kijken. Zou deze configuratie voldoende zijn voor de wensen die ik hierboven heb beschreven? link: ALTERNATE graag jullie mening en of een alternatieve samenstelling a.u.b.

Background Intelligent Transfer Service Cryptographic Services Security Center Windows Installer Service zijn de service' s die ik op automatisch zonder delay heb gezet. echter heb ik geen rechtstreekse service' s gevonden die aan Microsoft Security zijn gerelateerd de computer uitgeschakeld omdat er tevens update' s op de uitknop waren aangekondigd door een icoon op die knop tijdens het opnieuw opstarten zijn er een hoop Register\Machi... bestanden erbij gekomen. Dit is de screenshot van het MagCore.dll file missing: [ATTACH=CONFIG]26440[/ATTACH] Het icoon van Microsoft Security Essentials blijft achterwege Misschien heb ik de fout gemaakt om MSE niet eerst handmatig op te starten en dan te gaan zoeken in de services dat ga ik dus nu alsnog eens uitproberen

Background Intelligent Transfer Service Cryptographic Services Security Center Windows Installer Service zijn allemaal op automatisch gezet zonder delay en ik heb eigenlijk geen Microsoft Security Service gevonden, maar heb er wel twee die met security te maken hadden op automatisch gezet. De computer uitgeschakeld omdat er een icoon verscheen aan de uitknop dat update' s aankondigt. De computer heeft een hoop Register\Machi... onderdelen bijgekregen tijdens de update. Na het opstarten zijn de update' s geconfigureerd. En hier is de screenshot van het missing dll file: [ATTACH=CONFIG]26439[/ATTACH]

Dag Kweezie Wabbit, tot nu toe loopt alles goed, IE laat terug alle content zien en laat downloads toe. windows explorer werkt ook goed alleen wordt Microsoft Security Essentials niet opgestart bij de windows logon, die moet ik zelf steeds opnieuw handmatig in mijn start (zoekvenster) intypen en dan gewoon aanklikken en hij komt in mijn taskbar tevoorschijn als groen werkend misschien wordt het eens tijd deze eraf te gooien, in reviews lijkt hij toch nog steeds de slechtste score te behalen voor realtime bescherming na afsluiten van de pc en opnieuw starten via de aan knop (dus geen herstart) moet ik eerst zorgen dat een externe harde schijf van de stroom wordt afgehaald anders start de pc niet op (ergens moet de mbr gestoord worden als die externe schijf aan het draaien is), ik weet niet wat de juiste oorzaak hiervan kan zijn. bij het opstarten van de pc krijg ik dikwijls een melding dat een programma niet goed is geïnstalleerd en een dll fout loopt, ik heb er nog geen screenshot van kunnen nemen maar doe dit wel bij een volgende pc opstart het opstarten van mijn pc gebeurd heel zelden, meestal laat ik die 24/24 u draaien, maar ik stuur nog wel een screenshot bij de volgende start waarschijnlijk zijn dit allemaal voorvallen die niks met de rootkit te maken hebben en goed voor een andere topic binnen dit forum. ik wacht nog even af op uw bevindingen Kweezie Wabbit en sluit dit daarna af als ongelooflijk zeer goed opgelost.

Bedankt Juisterr, Via "mijn bestand" heb ik volgende link gekregen om het volledige txt bestand toonbaar te maken aan jullie. sfcdetails.txt downloaden

even gewoon proberen dit simpele tekstje door te sturen. vanaf het moment ik een tekst plak in dit venster krijg ik problemen. - - - Updated - - - dag Kweezie Wabbit, om de een of andere reden lukt het me niet om de sfcdetails text te verzenden ik kan het log hierin wel plakken maar van zodra ik op verzenden klik krijg ik na een poosje het nieuwe venstertje of ik de pagina werkelijk wil verlaten ik heb al beide keuzes ja en nee gebruikt maar ik akn blijkbaar de geplakte text niet verzenden - - - Updated - - - het text berichtje heb ik nu toegevoegd via de uploader [ATTACH]26329[/ATTACH] - - - Updated - - - spijtig dat je het volledige CBS log niet kan uploaden, het is enorm groot 17Mb

Het heeft wat mogen duren, tijdens de eerste scan is mijn computer uit zichzelf herstart terwijl ik aan het werken was. Dus ik weet niet goed wat de reden van een herstart is geweest maar ik denk op 9/10 dat het weer een BOSD is geweest van wege de slechte fan in de voeding die nog steeds niet is vervangen. Enfin dat wordt nog herstelt, en nu de tweede poging om een scan te doen van Emsisoft Emergency Kit Logje: Emsisoft Emergency Kit - Versie 3.0 Laatste Update: 5/06/2013 3:05:06 Scaninstellingen: Scantype: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, D:\, E:\, M:\, R:\, S:\, Y:\ Detecteer riskware: Uit Scan archieven: Aan ADS Scan: Aan Bestandsextensiefilter: Uit Geavanceerde cache: Aan Directe schijftoegang: Uit Scan gestart: 5/06/2013 3:05:23 D:\My Downloads\Nero\nieuw\Nero 12 Platinum 12.0.020 + Patch + Key [EC]\Patch + Key\Patch [EC].exe Ontdekt: Trojan.Generic.9164132 ( Gescand 1319515 Gevonden 1 Scan geëindigd: 5/06/2013 11:05:58 Scantijd: 8:00:35 D:\My Downloads\Nero\nieuw\Nero 12 Platinum 12.0.020 + Patch + Key [EC]\Patch + Key\Patch [EC].exe Verwijderd Trojan.Generic.9164132 ( Verwijderd 1 Groeten, Hensyr

Beste Kweezie Wabbit, Dit is het resultaat van de GMR scan: GMER 2.1.19163 - GMER - Rootkit Detector and Remover Rootkit scan 2013-06-01 11:11:57 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AACS-00G8B1 rev.05.04C05 596,17GB Running: gmer.exe; Driver: C:\Users\Hendrik\AppData\Local\Temp\kgriifob.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766a1465 2 bytes [6A, 76] .text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766a14bb 2 bytes [6A, 76] .text ... * 2 .text C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766a1465 2 bytes [6A, 76] .text C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766a14bb 2 bytes [6A, 76] .text ... * 2 .text C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000766a1465 2 bytes [6A, 76] .text C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000766a14bb 2 bytes [6A, 76] .text ... * 2 .text C:\Program Files (x86)\Secunia\PSI\sua.exe[2376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766a1465 2 bytes [6A, 76] .text C:\Program Files (x86)\Secunia\PSI\sua.exe[2376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766a14bb 2 bytes [6A, 76] .text ... * 2 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[3932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766a1465 2 bytes [6A, 76] .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[3932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766a14bb 2 bytes [6A, 76] .text ... * 2 .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3796] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766a1465 2 bytes [6A, 76] .text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[3796] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766a14bb 2 bytes [6A, 76] .text ... * 2 .text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[3952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000766a1465 2 bytes [6A, 76] .text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[3952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000766a14bb 2 bytes [6A, 76] .text ... * 2 ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\svchost.exe [2560:1432] 000007fef68f44e0 Thread C:\Windows\system32\svchost.exe [2560:3328] 000007fef6972c20 Thread C:\Windows\system32\svchost.exe [2560:3204] 000007fef690d710 Thread [3644:3160] 00000000773b2e25 Thread [3644:3140] 00000000773b3e45 Thread [3644:1172] 00000000773b3e45 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{39BF037A-423E-441B-8854-AA303D5D2A4B}\Connection@Name isatap.{E284CF58-05D1-46C6-85B9-706E712A3A46} Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{B448C74D-A0C3-4581-9700-7C523B5FEA28}\Linkage@Bind \Device\{39BF037A-423E-441B-8854-AA303D5D2A4B}?\Device\{DCA7A127-DA0B-4DC9-8DA2-3DD337CC02E9}?\Device\{5F19D302-4221-4863-9E6A-7D982DFD3D4E}?\Device\{0B8B0B68-4540-4A80-BA68-97C63B8E4A87}?\Device\{CD9BB7C8-A6B0-4161-9ACA-9C736724071E}? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{B448C74D-A0C3-4581-9700-7C523B5FEA28}\Linkage@Route "{39BF037A-423E-441B-8854-AA303D5D2A4B}"?"{DCA7A127-DA0B-4DC9-8DA2-3DD337CC02E9}"?"{5F19D302-4221-4863-9E6A-7D982DFD3D4E}"?"{0B8B0B68-4540-4A80-BA68-97C63B8E4A87}"?"{CD9BB7C8-A6B0-4161-9ACA-9C736724071E}"? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{B448C74D-A0C3-4581-9700-7C523B5FEA28}\Linkage@Export \Device\TCPIP6TUNNEL_{39BF037A-423E-441B-8854-AA303D5D2A4B}?\Device\TCPIP6TUNNEL_{DCA7A127-DA0B-4DC9-8DA2-3DD337CC02E9}?\Device\TCPIP6TUNNEL_{5F19D302-4221-4863-9E6A-7D982DFD3D4E}?\Device\TCPIP6TUNNEL_{0B8B0B68-4540-4A80-BA68-97C63B8E4A87}?\Device\TCPIP6TUNNEL_{CD9BB7C8-A6B0-4161-9ACA-9C736724071E}? Reg HKLM\SYSTEM\CurrentControlSet\services\IpHlpSvc\Parameters\Isatap\{39BF037A-423E-441B-8854-AA303D5D2A4B}@InterfaceName isatap.{E284CF58-05D1-46C6-85B9-706E712A3A46} Reg HKLM\SYSTEM\CurrentControlSet\services\IpHlpSvc\Parameters\Isatap\{39BF037A-423E-441B-8854-AA303D5D2A4B}@ReusableType 0 Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 143 ---- EOF - GMER 2.1 ---- Met vriendelijke groeten, Hensyr - - - Updated - - - en dit ook nog van de GMER als ik die gewoon start als admin zonder scan: GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2013-06-03 02:11:08 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AACS-00G8B1 rev.05.04C05 596,17GB Running: gmer.exe; Driver: C:\Users\Hendrik\AppData\Local\Temp\kgriifob.sys ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\svchost.exe [704:776] 000007fefbf0332c Thread C:\Windows\system32\svchost.exe [704:780] 000007fefbf010b0 Thread C:\Windows\system32\svchost.exe [704:5072] 000007fef4af2154 Thread C:\Windows\system32\svchost.exe [636:2940] 000007fef6150ea8 Thread C:\Windows\system32\svchost.exe [636:2944] 000007fef6149db0 Thread C:\Windows\system32\svchost.exe [636:2344] 000007fef6151c94 Thread C:\Windows\system32\svchost.exe [636:3088] 000007fef614aa10 Thread C:\Windows\system32\svchost.exe [636:7544] 000007fef57db1b0 Thread C:\Windows\system32\svchost.exe [848:5436] 000007fefa194164 Thread C:\Windows\system32\svchost.exe [1224:4492] 000007fef54b5170 Thread C:\Windows\System32\spoolsv.exe [1680:2188] 000000003f013714 Thread C:\Windows\System32\spoolsv.exe [1680:2192] 000000003f035690 Thread C:\Windows\System32\spoolsv.exe [1680:2216] 000007fef71010c8 Thread C:\Windows\System32\spoolsv.exe [1680:2228] 000007fef70c6144 Thread C:\Windows\System32\spoolsv.exe [1680:2232] 000007fef76b5fd0 Thread C:\Windows\System32\spoolsv.exe [1680:2244] 000007fef7013438 Thread C:\Windows\System32\spoolsv.exe [1680:2248] 000007fef76b63ec Thread C:\Windows\System32\spoolsv.exe [1680:2288] 000007fef72d5e5c Thread C:\Windows\System32\spoolsv.exe [1680:2308] 000007fef7305074 Thread C:\Windows\SysWOW64\svchost.exe [1540:4832] 00000000725917a4 Thread C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [1664:1600] 0000000054a38f75 Thread C:\Windows\system32\svchost.exe [2524:2612] 000007fef76b5fd0 Thread C:\Windows\system32\svchost.exe [2524:2616] 000007fef7013438 Thread C:\Windows\system32\svchost.exe [2524:2620] 000007fef76b63ec Thread [12616:7000] 00000000773b2e25 Thread [12616:7212] 00000000773b3e45 ---- EOF - GMER 2.1 ----

De tweede poging van aswMBR is dus ook mislukt met dezelfde melding. Ik ga nu proberen de andere scanner te laten runnen.

Beste Kweezie Wabbit, Tijdens het runnen van de aswMBR (avast antirootkit) is het programma gestopt door Windows. zie screenshot: [ATTACH=CONFIG]26201[/ATTACH] Ik ga Windows eens opnieuw opstarten en het programma alsnog eens proberen.

Mogelijke aanval door Itemgarden? Wat is Itemgarden: Itemgarden is een verkoopswebsite waar je als klant ingame gold kan kopen met echt geld! Je kiest hoeveel gold je ingame wenst te kopen en je betaalt via een secure beveiliging met PayPal. Je geeft aan op de website nadat de betaling is voltooid dat je online bent met uw character in het game. Itemgarden komt ook online in het game met een low level character (meestal level 1) en doet een ingame trade met jouw character en overhandigd het aangekochte gold. Wat is me nu opgevallen! Itemgarden is gehost in China Na betaling kon er niet direct worden overhandigd van de koopwaar en ik moest wachten. Na enkele dagen kon er een eerste schijf van de koopwaar afgeleverd worden maar kreeg een bericht dat er problemen waren en de rest van de koopwaar later zou volgen. Twee weken verder kreeg ik nog een schijf van de aangekochte koopwaar met de melding te wachten op de laatste schijf die ik nu nog steeds niet heb gekregen. Kan het zijn dat men daar probeert mijn account te hacken door mij aan het lijntje te houden? Ik weet het niet. Maar feit is wel dat ik zal moeten voorzichtiger zijn. Toch raar dat mijn pc alleen maar kan geopend worden door 13 karakters in te vullen, willekeurig, geen namen of datums, maar letters, hoofdletters, tekens en cijfers. En toch kan er een hidden user zijn die een poort opent voor eigen gebruik op mijn pc?

Moet ik nu mijn mail correspondenten verwittigen van mijn besmetting?

Dag kweezie wabbit, Met blijdschap in het hart kan ik u melden dat Microsoft Security Essentials terug actief is! zie screenshot taakbalk: [ATTACH=CONFIG]26185[/ATTACH] Ook heeft MSE de detectie gedaan destijds van de kwaadaardige programma's die mijn pc infecteerden maar kreeg de kans niet mij dit te laten zien. zie screenshot: [ATTACH=CONFIG]26187[/ATTACH] Ook mijn IE versie 10 werkt weer naar behoren en laat downloads toe en uitvoeren van die downloads ook. Ondertussen heb ik mijn IE terug als standaard browser aangevinkt. Het enige ambetante nu nog is de steeds maar weerkerende Security Alert bij elke pagina die ik open in mijn browser dat mij verteld dat ik nu een beveiligde connection verlaat en dat anderen mogelijk kunnen zien wat ik verzend. zie screenshot: [ATTACH=CONFIG]26188[/ATTACH] Kan ik dit nog op een of andere manier oplossen zonder een vinkje te plaatsen die "waarschuwing niet meer te laten zien"? En verder ben ik nu wel heel nieuwsgierig te willen weten wat er nu eigenlijk op mijn pc is gebeurd?

Ondertussen is het duidelijk geworden dat de blue screens een gevolg zijn van defecte hardware die gesitueerd is bij de cooling fan van de voeding. Een melding daarvan werd mij gegeven door het Action Center/Message Details en deze mogelijke oorzaak zat er bij. De blue screens echter worden alleen veroorzaakt als meerdere programma's tegelijk open staan en de computer veel inspanning moet leveren. Ik ga dit toppic als opgelost sluiten. Eerste vereiste zoals eerder aangegeven door kweezie wabbit is de voeding vervangen of de fan in de voeding vernieuwen. Als nadien nog bluescreens worden veroorzaakt open ik een nieuw toppic. Dank u Kweezie Wabbit.

Ik doe regelmatig eens een betaling met PayPal en deze zijn over de hele wereld ook in China en andere aziatische landen, Europa meerbepaald Duistland en België en Amerika. Om mijn PayPal te spijzen gebruik ik mijn eigen bankrekening maar ook mijn Maestro die gelinkt is aan beide rekeningen. Doch onlangs kreeg ik een mail van PayPal dat ik Maestro niet langer kan gebruiken als gelinkte spijzer om betalingen te doen omdat mijn eigen bank het tegenhoud, volgens PayPal zijn zij aan het onderhandelen met mijn bank om dit op te lossen ik hoef dus niks te doen en zal vervolgens een mail krijgen van PayPal als dit euvel opgelost is. Maar nu ik dit verslag hier lees van zoek.exe begin ik me zorgen te maken over een mogelijke poging tot het verzamelen van mijn bankgegevens via PayPal/Maestro. Mijn eigen bank heeft me nog niet op de hoogte gebracht van de mogelijke problemen met mijn Maestro en Paypal en het feit dat mijn eigen bank deze Maestro met PayPal heeft geblokkeerd. Zijn zij op een security break gekomen of niet ik weet het niet. Wordt mijn computer gebruikt voor andere doeleinden zonder dat ik het weet of niet? Feit is wel dat mijn eigen antivirus buiten strijd is gezet van buitenaf. Zijn mijn zorgen gegrond? Graag uw feedback a.u.b.

Dag kweezie wabbit, Dit is het resuultaat van zoek.exe: Zoek.exe Version 4.0.0.2 Updated 28-May-2013 Tool run by Hendrik on do 30/05/2013 at 2:13:33,64. Microsoft Windows 7 Enterprise N 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== System Restore Info ====================== 30/05/2013 2:16:29 Zoek.exe System Restore Point Created Succesfully. ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe C:\Windows\system32\CISVC.EXE C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\Macrium\Reflect\ReflectService.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe C:\Windows\SysWOW64\vmnat.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SysWOW64\vmnetdhcp.exe C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\ArcSoft\PhotoImpression 6\Monitor.exe C:\Windows\system32\taskhost.exe D:\My Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchFilterHost.exe ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Suspicious Entrys Found ====================== SYMLINKS found in C:\Program Files\Windows Defender SYMLINKS found in C:\Program Files\Microsoft Security Client ==== Possible Rootkit Infection ====================== C:\Windows\installer\{983db01c-a9ea-34b5-c553-35d95962080b}\L C:\Windows\installer\{983db01c-a9ea-34b5-c553-35d95962080b}\U ==== Symlinks Removed ====================== Reparse point C:\Program Files\Windows Defender\MpAsDesc.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MpClient.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MpCmdRun.exe succesfully deleted Reparse point C:\Program Files\Windows Defender\MpCommu.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MpEvMsg.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MpOAV.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MpRTP.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MpSvc.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MSASCui.exe succesfully deleted Reparse point C:\Program Files\Windows Defender\MsMpCom.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MsMpLics.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\MsMpRes.dll succesfully deleted Reparse point C:\Program Files\Windows Defender\ar-SA succesfully deleted Reparse point C:\Program Files\Windows Defender\bg-BG succesfully deleted Reparse point C:\Program Files\Windows Defender\cs-CZ succesfully deleted Reparse point C:\Program Files\Windows Defender\da-DK succesfully deleted Reparse point C:\Program Files\Windows Defender\de-DE succesfully deleted Reparse point C:\Program Files\Windows Defender\el-GR succesfully deleted Reparse point C:\Program Files\Windows Defender\en-US succesfully deleted Reparse point C:\Program Files\Windows Defender\es-ES succesfully deleted Reparse point C:\Program Files\Windows Defender\et-EE succesfully deleted Reparse point C:\Program Files\Windows Defender\fi-FI succesfully deleted Reparse point C:\Program Files\Windows Defender\fr-FR succesfully deleted Reparse point C:\Program Files\Windows Defender\he-IL succesfully deleted Reparse point C:\Program Files\Windows Defender\hr-HR succesfully deleted Reparse point C:\Program Files\Windows Defender\hu-HU succesfully deleted Reparse point C:\Program Files\Windows Defender\it-IT succesfully deleted Reparse point C:\Program Files\Windows Defender\ja-JP succesfully deleted Reparse point C:\Program Files\Windows Defender\ko-KR succesfully deleted Reparse point C:\Program Files\Windows Defender\lt-LT succesfully deleted Reparse point C:\Program Files\Windows Defender\lv-LV succesfully deleted Reparse point C:\Program Files\Windows Defender\nb-NO succesfully deleted Reparse point C:\Program Files\Windows Defender\nl-NL succesfully deleted Reparse point C:\Program Files\Windows Defender\pl-PL succesfully deleted Reparse point C:\Program Files\Windows Defender\pt-BR succesfully deleted Reparse point C:\Program Files\Windows Defender\pt-PT succesfully deleted Reparse point C:\Program Files\Windows Defender\ro-RO succesfully deleted Reparse point C:\Program Files\Windows Defender\ru-RU succesfully deleted Reparse point C:\Program Files\Windows Defender\sk-SK succesfully deleted Reparse point C:\Program Files\Windows Defender\sl-SI succesfully deleted Reparse point C:\Program Files\Windows Defender\sr-Latn-CS succesfully deleted Reparse point C:\Program Files\Windows Defender\sv-SE succesfully deleted Reparse point C:\Program Files\Windows Defender\th-TH succesfully deleted Reparse point C:\Program Files\Windows Defender\tr-TR succesfully deleted Reparse point C:\Program Files\Windows Defender\uk-UA succesfully deleted Reparse point C:\Program Files\Windows Defender\zh-CN succesfully deleted Reparse point C:\Program Files\Windows Defender\zh-TW succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\DbgHelp.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\EppManifest.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MpAsDesc.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MpClient.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MpCmdRun.exe succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MpCommu.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\mpevmsg.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MpOAv.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MpRTP.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MpSvc.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MSESysprep.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MsMpCom.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MsMpEng.exe succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MsMpLics.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MsMpRes.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\msseces.exe succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\msseoobe.exe succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\msseooberes.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\MsseWat.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\NisLog.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\NisSrv.exe succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\NisWFP.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\Setup.exe succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\SetupRes.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\shellext.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\sqmapi.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\SymSrv.dll succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\SymSrv.yes succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\Antimalware succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\Backup succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\Drivers succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\en-us succesfully deleted Reparse point C:\Program Files\Microsoft Security Client\nl-nl succesfully deleted ==== Checking Systemdrive for Symlinks ====================== Volume in drive C is System Volume Serial Number is 7A2B-D9D9 Directory of C:\ 14/07/2009 07:08 <JUNCTION> Documents and Settings [C:\Users] 0 File(s) 0 bytes Directory of C:\ProgramData 14/07/2009 07:08 <JUNCTION> Application Data [C:\ProgramData] 14/07/2009 07:08 <JUNCTION> Desktop [C:\Users\Public\Desktop] 14/07/2009 07:08 <JUNCTION> Documents [C:\Users\Public\Documents] 14/07/2009 07:08 <JUNCTION> Favorites [C:\Users\Public\Favorites] 14/07/2009 07:08 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 07:08 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users 14/07/2009 07:08 <SYMLINKD> All Users [C:\ProgramData] 14/07/2009 07:08 <JUNCTION> Default User [C:\Users\Default] 0 File(s) 0 bytes Directory of C:\Users\All Users 14/07/2009 07:08 <JUNCTION> Application Data [C:\ProgramData] 14/07/2009 07:08 <JUNCTION> Desktop [C:\Users\Public\Desktop] 14/07/2009 07:08 <JUNCTION> Documents [C:\Users\Public\Documents] 14/07/2009 07:08 <JUNCTION> Favorites [C:\Users\Public\Favorites] 14/07/2009 07:08 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 07:08 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default 14/07/2009 07:08 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming] 14/07/2009 07:08 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local] 14/07/2009 07:08 <JUNCTION> My Documents [C:\Users\Default\Documents] 14/07/2009 07:08 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 14/07/2009 07:08 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14/07/2009 07:08 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 14/07/2009 07:08 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 14/07/2009 07:08 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 14/07/2009 07:08 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local 14/07/2009 07:08 <JUNCTION> Application Data [C:\Users\Default\AppData\Local] 14/07/2009 07:08 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14/07/2009 07:08 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Default\Documents 14/07/2009 07:08 <JUNCTION> My Music [C:\Users\Default\Music] 14/07/2009 07:08 <JUNCTION> My Pictures [C:\Users\Default\Pictures] 14/07/2009 07:08 <JUNCTION> My Videos [C:\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\Hendrik 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Roaming] 12/04/2011 10:00 <JUNCTION> Cookies [C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Cookies] 12/04/2011 10:00 <JUNCTION> Local Settings [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> My Documents [C:\Users\Hendrik\Documents] 12/04/2011 10:00 <JUNCTION> NetHood [C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 12/04/2011 10:00 <JUNCTION> PrintHood [C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 12/04/2011 10:00 <JUNCTION> Recent [C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Recent] 12/04/2011 10:00 <JUNCTION> SendTo [C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\SendTo] 12/04/2011 10:00 <JUNCTION> Start Menu [C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu] 12/04/2011 10:00 <JUNCTION> Templates [C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [C:\Users\Hendrik\AppData\Local] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data 12/04/2011 10:00 <JUNCTION> Application Data [.] 12/04/2011 10:00 <JUNCTION> History [C:\Users\Hendrik\AppData\Local\Microsoft\Windows\History] 12/04/2011 10:00 <JUNCTION> Temporary Internet Files [.] 0 File(s) 0 bytes Directory of C:\Users\Hendrik\AppData\LocalLow 06/03/2013 21:47 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady] 0 File(s) 0 bytes Directory of C:\Users\Public\Documents 14/07/2009 07:08 <JUNCTION> My Music [C:\Users\Public\Music] 14/07/2009 07:08 <JUNCTION> My Pictures [C:\Users\Public\Pictures] 14/07/2009 07:08 <JUNCTION> My Videos [C:\Users\Public\Videos] 0 File(s) 0 bytes Directory of C:\Users\UpdatusUser 11/07/2011 22:02 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming] 11/07/2011 22:02 <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies] 11/07/2011 22:02 <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local] 11/07/2011 22:02 <JUNCTION> My Documents [C:\Users\UpdatusUser\Documents] 11/07/2011 22:02 <JUNCTION> NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 11/07/2011 22:02 <JUNCTION> PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 11/07/2011 22:02 <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent] 11/07/2011 22:02 <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo] 11/07/2011 22:02 <JUNCTION> Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu] 11/07/2011 22:02 <JUNCTION> Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\UpdatusUser\AppData\Local 11/07/2011 22:02 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local] 11/07/2011 22:02 <JUNCTION> History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History] 11/07/2011 22:02 <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Users\UpdatusUser\Documents 11/07/2011 22:02 <JUNCTION> My Music [C:\Users\UpdatusUser\Music] 11/07/2011 22:02 <JUNCTION> My Pictures [C:\Users\UpdatusUser\Pictures] 11/07/2011 22:02 <JUNCTION> My Videos [C:\Users\UpdatusUser\Videos] 0 File(s) 0 bytes Directory of C:\Windows\System32\config\systemprofile 11/07/2011 22:07 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming] 30/05/2013 01:02 <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies] 11/07/2011 22:07 <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local] 11/07/2011 22:07 <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents] 11/07/2011 22:07 <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 11/07/2011 22:07 <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 11/07/2011 22:07 <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent] 11/07/2011 22:07 <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo] 11/07/2011 22:07 <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu] 11/07/2011 22:07 <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Windows\System32\config\systemprofile\AppData\Local 11/07/2011 22:07 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local] 11/07/2011 22:07 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History] 11/07/2011 22:07 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Windows\System32\config\systemprofile\Documents 11/07/2011 22:07 <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music] 11/07/2011 22:07 <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures] 11/07/2011 22:07 <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos] 0 File(s) 0 bytes Directory of C:\Windows\SysWOW64\config\systemprofile 11/07/2011 22:07 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming] 30/05/2013 01:02 <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies] 11/07/2011 22:07 <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local] 11/07/2011 22:07 <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents] 11/07/2011 22:07 <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 11/07/2011 22:07 <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 11/07/2011 22:07 <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent] 11/07/2011 22:07 <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo] 11/07/2011 22:07 <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu] 11/07/2011 22:07 <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local 11/07/2011 22:07 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local] 11/07/2011 22:07 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History] 11/07/2011 22:07 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes Directory of C:\Windows\SysWOW64\config\systemprofile\Documents 11/07/2011 22:07 <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music] 11/07/2011 22:07 <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures] 11/07/2011 22:07 <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos] 0 File(s) 0 bytes Total Files Listed: 0 File(s) 0 bytes 134 Dir(s) 97.992.187.904 bytes free ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== File Information Results ====================== --- c:\windows\sysnative\services.exe --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 328704 Created time: 2009-07-13 23:19:46 Modified time: 2013-05-24 02:02:42 MD5: 24ACB7E5BE595468E3B9AA488B9B4FCB SHA1: A5B16A7D28D2BA79A9CCFC16ED480AD75A757166 ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) æTorrent 4500_Help 64 Bit HP CIO Components Installer Acoustica Mixcraft 6 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.7) - Nederlands Adobe SendNow Desktop Adobe Shockwave Player 12.0 Apple Mobile Device Support ArcSoft PhotoImpression 6 Audacity 1.3.13 (Unicode) Autodesk Design Review 2013 Autodesk Design Review Browser Add-on v1.2 AVS Screen Capture version 2.0.2 AVS Update Manager 1.0 AVS Video Editor 6 AVS Video Recorder 2.5 AVS4YOU Software Navigator 1.4 Belarc Advisor 8.3 Belkin N600 DB USB Wireless Adapter Bing Bar Bonjour bpd_scan BPDSoftware BPDSoftware_Ini BS.Player FREE BufferChm Canon iP2600 series Canon My Printer Canon Utilities Easy-PhotoPrint EX Canon Utilities Solution Menu CCleaner CDBurnerXP Cobian Backup 11 Gravity CorelDRAW Essential Edition 3 CPUID HWMonitor 1.18 Creative Media Lite Creative Software Update Creative Vado Central muvee Plugin Creative Vado HD Codec Creative ZEN Stone Plus-Gebruikershandleiding Curse Client D3DX10 Defraggler Destinations DeviceDiscovery DivX Setup DocMgr DocProc Driver Genius Professional Edition DWG TrueView 2013 EasyBCD 2.2 Edraw Max 5.1 Epub reader eReg Euro Truck Simulator 2 Fax FBReader for Windows FileASSASSIN Firebird SQL Server - MAGIX Edition Fraps (remove only) Free DWG Viewer 7.1 Free PDF to Word Doc Converter v1.1 Free Screen Video Recorder version 2.5.18.920 Free Studio version 5.2.1 Freemake Video Converter versie 3.0.2 Gebruikersregistratie voor Canon iP2600 series Google Drive Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 GSmartControl HP Customer Participation Program 13.0 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Product Detection HP Smart Print 2.0 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply iCloud ieSpell Image Optimizer 3.0 ImgBurn inSSIDer inSSIDer 3 Intel® Network Connections 18.2.63.0 Intel® Processor ID Utility iTunes J4500 Java 7 Update 21 Java 7 Update 21 (64-bit) Java Auto Updater Junk Mail filter update Logitech SetPoint 6.30 Logitech Unifying-software 2.10 Macrium Reflect - Free Edition Magical Jelly Bean KeyFinder MAGIX Content and Soundpools MAGIX Foto Manager MX Deluxe MAGIX Goya burnR (MSI) MAGIX Music Maker 2013 Soundtrack Edition Update MAGIX Music Maker Soundtrack Edition MAGIX Music Maker Soundtrack Edition (demosongs) MAGIX Music Maker Soundtrack Edition (synthesizer en effecten) MAGIX Music Maker Soundtrack Edition Soundpools MAGIX Slideshow Maker 2 MAGIX Speed burnR (MSI) MAGIX Video deluxe 2013 Premium MAGIX Video deluxe 2013 Premium (Demoproject) MAGIX Video deluxe 2013 Premium (Designelementen) MAGIX Video deluxe 2013 Premium (Digieffects Phenomena) MAGIX Video deluxe 2013 Premium (filmsjablonen) MAGIX Video deluxe 2013 Premium (Fotoshow Maker-stijlen 1) MAGIX Video deluxe 2013 Premium (Fotoshow Maker-stijlen 2) MAGIX Video deluxe 2013 Premium (Individuele menusjablonen) MAGIX Video deluxe 2013 Premium (inleidende video) MAGIX Video deluxe 2013 Premium (Menusjablonen 1) MAGIX Video deluxe 2013 Premium (Menusjablonen 2) MAGIX Video deluxe 2013 Premium (NewBlueFX Video Essentials IV) MAGIX Video deluxe 2013 Premium (Overgangseffecten) MAGIX Video deluxe 2013 Premium (proDAD Adorage 13) MAGIX Video deluxe 2013 Premium (Soundtrack Maker-Stijlen) MAGIX Video deluxe 2013 Premium (titeleffecten) MarketResearch Media Jukebox 14 Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft FrontPage Express Microsoft Help Viewer 1.0 Microsoft Image Composite Editor Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU Microsoft XML Parser MobileMe Control Panel Mozilla Firefox 20.0.1 (x86 nl) Mozilla Firefox 21.0 (x86 nl) Mozilla Maintenance Service MPC-HC 1.6.7.7114 (9eb64ec) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Nero 12 Nero Audio Pack 1 Nero BackItUp Nero BackItUp Help (CHM) Nero Blu-ray Player Nero Blu-ray Player Help (CHM) Nero Burning ROM Nero Burning ROM Help (CHM) Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero Disc Menus Basic Nero Effects Basic Nero Express Nero Express Help (CHM) Nero Kwik Media Nero Kwik Media Help (CHM) Nero Kwik Themes Basic Nero PiP Effects Basic Nero Recode Nero Recode Help (CHM) Nero RescueAgent Nero RescueAgent Help (CHM) Nero SharedVideoCodecs Nero Update Nero Video Nero Video Help (CHM) NirSoft BlueScreenView Nitro PDF Reader 2 NL nLite 1.4.9.1 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Controller Driver 275.33 NVIDIA 3D Vision Driver 311.06 NVIDIA Control Panel 311.06 NVIDIA Graphics Driver 311.06 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.10.0514 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OCR Software by I.R.I.S. 13.0 Officejet J4500 Series OpenOffice.org 3.4.1 Opera 12.15 OVTScanner_Vista64 PC Speed Up - Volledige uninstall PC Speed Up Extension PC Wizard 2012.2.0 PIXMA Extended Survey Program Prerequisite installer ProductContext RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Revo Uninstaller 1.94 Scan Secunia PSI (3.0.0.3001) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) Shop for HP Supplies SkypeT 6.3 SmartWebPrinting SolutionCenter Speccy Spotmau PowerSuite Golden 2012 (build 7.0.1) Sql Server Customer Experience Improvement Program Status swMSM TeamViewer 7 Text-To-Speech-Runtime Toolbox tools-freebsd tools-linux tools-netware tools-solaris tools-windows tools-winPre2k TrayApp TUGZip 3.5 Ulead PhotoImpact 12 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition Update Manager Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VC_CRT_x64 VC80CRTRedist - 8.0.50727.6195 Ventrilo Client for Windows x64 VirtualCloneDrive Vita String Ensemble VLC media player 2.0.6 VMware Player VMware Workstation WebReg Welcome App (Start-up experience) Winamp Winamp Applicatie Detect Windows 7 Codec Pack 3.1.0 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.01 (64-bit) World of Warcraft Xvid Video Codec ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vfzafaaw deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vfzafaaw deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\opp9rn57.default user.js not found ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "13bf326192e78725655344ac3baff2db"); user_pref("extensions.crossriderapp14987.14987.cookie.EnabledPhishingAddress16.value", "%5B%22http%3A//lotuslogistics.com.vn/sincronizando/iToken-v1.4/bk/atualiza_auto.php%3Fcliente%22%2C%22http%3A//eu.diablo.net.ur-login.in/login.html%3Fapp%3Dwam%26amp%3D3Bref%3Dhttps%3A//www.worldofwarcraft.com/account/%26amp%3D3Beor%3D0%26amp%3D3Bapp%3Dbam/%22%2C%22http%3A//www.cbcmacon.com/info/sais.php%3Fid%3D134706444%26amp%3BlienAct1on%3Daj0ut%26amp%3BadrUtilIdC0mpte%3D77722507%23gerer-mes-lignes%22%2C%22http%3A//www.retebologna.it/acc/%22%2C%22http%3A//x.co/meIk%3F/www.promocoesvisa.com.br/p/vaidevisa/asp/conta/autentica/autentica.html%3Fmail%3DJ3NSQ311K0H%22%2C%22http%3A//www.startrecruitmentservices.com.au/oy/py/8decb53ae62e19a827d4f266f4029cc3/webscr.htm%3Fcmd%3D_login-run%26amp%3Bdispatch%3D5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efcd8%22%2C%22http%3A//apricotindustries.com/internal/www.irs.com/Tax%2520refund%2520updates/internal_revenue_service.htm%22%2C%22http%3A//paypal.com-us-cgi-bin.robertpaynter.com/2770099434-7v%3D0__u%3D6191756714__c%3D9412746434LIMITED_ACCOUNT-oid%3Dc2664e0b-6b81-497a-8b42-76e3bfa98bd8/%22%2C%22http%3A//aluminiumdiouani.com/Paypal_Virefication/15f54cab9eb264e40fe08300901d5536/webscr.php%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4e8f9e5%22%2C%22http%3A//boundrytrade.com/viewproducts.html%22%2C%22http%3A//bazurashop.com/images/_vti_cnf/onlin.html%22%2C%22http%3A//basementltd.org/samples/%22%2C%22http%3A//basementltd.org/samples%22%2C%22http%3A//a.aicomgroup.in/%22%2C%22http%3A//allentechnologieslimited.org/viewproducts.html%22%2C%22http%3A//allproductsamples.com%22%2C%22http%3A//alvinltd.yolasite.com%22%2C%22http%3A//askfrankcurtin.com/wp-content/plugins/wishlist-member/extensions/service.paypal.cgi.bin.webscr.cmd.login.submit.dispatch.c0db1f8e263663d3faee8d4026841ac68a446ffeca3.servicio/paypal/045c1412d9075077ed78466cb9f2c45a/webscr.php%3Fcmd%3D_login-run%26amp%3Bdispatch%3D5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efcfd72987ca8b6fc0c708382e17007cf0afd72987ca8b6fc0c708382e17007cf0a%22%2C%22http%3A//paypal.com.your.account.had.ben.susspend.sanpetersburgo.com/www.paypal.com/Paypal/%22%2C%22http%3A//www.seodash.com/vere/login.php%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4e8f9e5%22%2C%22http%3A//www.startrecruitmentservices.com.au/oy/py/27be2403237316c6624516b44ba83cdc/webscr.htm%3Fcmd%3D_login-run%26amp%3Bdispatch%3D5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efcd8%22%2C%22http%3A//pastehtml.com/view/c5nr50e1r.html%22%2C%22http%3A//www.bloomsbury.co.ke/wp-content/uploads/filebase/admin/globalsources.htm%22%2C%22http%3A//askfrankcurtin.com/wp-content/plugins/wishlist-member/extensions/service.paypal.cgi.bin.webscr.cmd.login.submit.dispatch.c0db1f8e263663d3faee8d4026841ac68a446ffeca3.servicio/paypal/45aa36d0fc07f8c1e3ed944fbbba2a60/webscr.php%3Fcmd%3D_login-run%26amp%3Bdispatch%3D5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efc875c7d5ad0cb3a74917fefdbaca933d1875c7d5ad0cb3a74917fefdbaca933d1%22%2C%22http%3A//askfrankcurtin.com/wp-content/plugins/wishlist-member/extensions/service.paypal.cgi.bin.webscr.cmd.login.submit.dispatch.c0db1f8e263663d3faee8d4026841ac68a446ffeca3.servicio/paypal/ccc3e6d83cf07055021783dd8b264f02/webscr.php%3Fcmd%3D_login-run%26amp%3Bdispatch%3D5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efcfc082b323be0b7e3643dea6a1abc78c9fc082b323be0b7e3643dea6a1abc78c9%22%2C%22http%3A//www.kevej.com/index.php%3Fdo%3D/%22%2C%22http%3A//masterpayments.7host08.com/securepaypal003/securelogin.html%22%2C%22http%3A//masterpayments.7host08.com/securepaypal002/secureloginforRon_Steuartk%26amp%3Bronssteu@gmail.com_for_transactionid_4UN65923VN089111H_amount_of_3400.html%22%2C%22http%3A//masterpayments.7host08.com/securepaypal002/securelogin.html%22%2C%22http%3A//masterpayments.7host08.com/securepayment1/secureloginforMark%2520El-Zaher%26amp%3Bkerryhawkins1@gmail.com_for_transactionid_4UN65923VN089111H_amountof_8%22%2C%22http%3A//masterpayments.7host08.com/securepayment1/securelogin.html%22%2C%22http%3A//masterpayments.7host08.com/paypalpayments002/securelogin_for_tomcatz80@yahoo.com_for_transactionid_4UN65923VN089111H_amount_of_2900.html%22%2C%22http%3A//www.saujannaya.co.in/css/scap/client-login/dbc1df03b8290159b84fa596676f2b64/webscr.php%3Fcmd%3D_login-run%26amp%3Bdispatch%3D5885d80a13c0db1f998ca054efbdf2c29878a435fe324eec2511727fbf3e9efca77a7a0bc6aa03550bffdad3978c2e64a77a7a0bc6aa03550bffdad3978c2e64%22%2C%22http%3A//masterpayments.7host08.com/paypalpayments002/securelogin.html%22%2C%22http%3A//masterpayments.7host08.com/paypalpayments001/securelogin_for_Wanda_Micek%26amp%3Bholli@centurytel.net_for_transactionid_4UN65923VN089111H_amount_of_2%22%2C%22http%3A//masterpayments.7host08.com/paypalpayments001/securelogin.html%22%2C%22http%3A//masterpayments.7host08.com/paypalinfopayments6/secureloginforDr.SaleScott%26amp%3Bscottsale28@gmail.com_for_transactionid_4UN65923VN089111H_amountof_6560.html%22%2C%22http%3A//masterpayments.7host08.com/paypalinfopayments6/securelogin_for_Alice_Hollipeter%26amp%3Bholli@centurytel.net_for_transactionid_4UN65923VN089111H_amountof_5850.html%22%2C%22http%3A//masterpayments.7host08.com/paypalinfopayments6/securelogin.html%22%2C%22http%3A//masterpayments.7host08.com/paypalinfopayments5/securelogin_for_mdennin@live.com_for_transactionid_4UN65923VN089111H_amountof_3460.html%22%2C%22http%3A//masterpayments.7host08.com/paypalinfopayments/secureloginforClaudeAProulx%26amp%3Bclaudeastral@aol.com_for_transactionid_4UN65923VN089111H_amountof_15%22%2C%22http%3A//www.advancedg12.com.br/reboot.php%22%2C%22http%3A//nguyenhatech.com/shop//images/microsoft/Tam-Cadastro.php%22%2C%22http%3A//contatoliniws.net46.net/%22%2C%22http%3A//rockandice.com/media/fidelidadecielo%22%2C%22http%3A//www.paypal.com.uk.cgi.bin.webscr.cmd.login.run.dispatch.5885d80a13c0db1f8e263663d3faee8d7283e7f0184a5674430f290db9e9c84.unculo.com/webscrcmd%3D_validate-account/%22%2C%22http%3A//209.217.249.189/%7Eestado/83617C429A994E009BA0B6DFB9916156/C8AA27305BBB4AD7B769656766711E4B/C8AA27305BBB4AD7B769656766711E4B.html%22%2C%22http%3A//itransfr.com/css/www.paypal.com/ch/cgi-bin/webscr.cmd%3D_profile-credit-card-new-clickthru.php%22%2C%22http%3A//paypal.com.cgi.bin.webscr.cmd.flow.session.lohzumu98pjkwkwudgtj3ie6btlub.online775885d80a13c0db1f8e263663d3faee8d43b1bb6ca3ufquez.login.eez.fintii.com/ae36a1d0af21103b8a63732e23013362/%22%2C%22http%3A//paypal.com.cgi.bin.webscr.cmd.flow.session.lohzumu98pjkwkwudgtj3ie6btlub.online775885d80a13c0db1f8e263663d3faee8d43b1bb6ca3ufquez.login.eez.fintii.com/8bb758cdf26fa223f87c37d05441dc07/%22%5D"); user_pref("extensions.crossriderapp14987.14987.cookie.EnabledPhishingAddress52.value", "%5B%22http%3A//validateemail.ucoz.net/Outlook.html%22%2C%22http%3A//paypal.com-ca-cgi-bin.webscr-cmd.login-run.dispatch.5885d80a13c0db1f8e263663d3faee8d35d0e3.63192f28ea2a5d18e263663d3faee8d35d0e3.63192f28ea2a5d3.doneitnow.com/WoEA8i1Y2r/Pay_EN.php%3Fcmd%3D_home%26dispatch%3D5885d80a13c0d7e633b393e284a5f8a8f8b1f8e263663d3faee8dc18bca4c6f4%22%2C%22http%3A//www.ppis.grudziadz.com/components/hongleong/index.htm%22%2C%22http%3A//celtcapllc.com/wp-content/upgrade/credit/card/activation/secure/center/vbv-us/US-verifiervisa/%22%2C%22http%3A//www.digilution.ph/js/www.open24.ie/permanentsb.html%22%2C%22http%3A//photo-book.ca/wp-includes/Redirect.php%22%2C%22http%3A//www.formchamp.com/goform.php%3Fid%3D38199%22%2C%22http%3A//paypal.com-ca-cgi-bin.webscr-cmd.login-run.dispatch.5885d80a13c0db1f8e263663d3faee8d35d0e3.63192f28ea2a5d18e263663d3faee8d35d0e3.63192f28ea2a5d2.doneitnow.com/16szYhY3eL/Pay_EN.php%3Fcmd%3D_home%26amp%3Bdispatch%3D5885d80a13c0d7e633b393e284a5f8a8f8b1f8e263663d3faee8dc18bca4c6f4%22%2C%22http%3A//paypal.com-ca-cgi-bin.webscr-cmd.login-run.dispatch.5885d80a13c0db1f8e263663d3faee8d35d0e3.63192f28ea2a5d18e263663d3faee8d35d0e3.63192f28ea2a5d4.doneitnow.com/%22%2C%22http%3A//frazz.nazuka.net/e19394a7189f0c95730db43622f71566/%22%2C%22http%3A//paypal.com-ca-cgi-bin.webscr-cmd.login-run.dispatch.5885d80a13c0db1f8e263663d3faee8d35d0e3.63192f28ea2a5d18e263663d3faee8d35d0e3.63192f28ea2a5d2.doneitnow.com/%22%2C%22http%3A//astro5.net/www3.paypal.com.au/%22%2C%22http%3A//frazz.nazuka.net/d1cc377622e0f4aee2b7c6a1b59641f9/%22%2C%22http%3A//frazz.nazuka.net/T2.php%22%2C%22http%3A//www.al-fajir.com/Nets/Sikker%20nettbetaling.htm%22%2C%22http%3A//nifraziik.org/PrivatDaglig+%F8konomiInternet+og+telefonNetbank21891.html/Nordea/Sikker%2520nettbetaling.htm%22%2C%22http%3A//frazz.nazuka.net/b3584b4c10765ee195c9e801fd4ace3e/%22%2C%22http%3A//www.mckenziedentureclinic.com/wp-content/themes/twentyeleven/inc/images/bankwest.html%22%2C%22http%3A//www.bpoaccess.com/modules/mod_newsflases/open-payment-verified-byvisa.html%22%2C%22http%3A//www.jasulove.kr/phpmyadmin/Data/kunde-nets/Nets-danemark/index.php%22%2C%22http%3A//www.al-fajir.com/Nets/Sikker%2520nettbetaling.htm%22%2C%22http%3A//www.dnhe.hu/templates/Nets.php%22%2C%22http%3A//ebas.co.uk.websdsync.fe100.net/%7Ehextonpo/stampa/ebay.dll.scrmn/%3Floginfcc.passwords.update.actions/ebaydllscrnsds433dsawewegegegeewdfdfdfdew%22%2C%22http%3A//www.fildendesenvol.com.br//feijao/indexPRinfo.php%22%2C%22http%3A//www.ce-adobe.fr/paypal_compte.html%22%2C%22http%3A//fasteknic.com/dar/intl_product.html%22%2C%22http%3A//1004bang.net/boardshop/data/theme/index/index.html%22%2C%22http%3A//serviceconnections6473.fav.cc/solutions/ID-Login2.html%22%2C%22http%3A//www.maulinho-jackson.com/wp-includes/images/smilies/tradefile.html%22%2C%22http%3A//www.gedankenquirl.de/www.paypal.co.uk/index.php%3Fcmd%3D_login-submit%26dispatch%3D5885d80a13c0db1f998ca054efbdf2c25fe4a05bcb33bff68c4fe49456517e3e%22%2C%22http%3A//astro5.net/www3.paypal.com.au/index_AU.php%22%2C%22http%3A//informationen.privatkunden.dnsdynamic.com/wp-includes/css/%22%2C%22http%3A//cpc1-slam5-2-0-cust250.2-4.cable.virginmedia.com/webscr/%22%2C%22http%3A//www.trafalgarcarpets.co.uk/wp-includes/theme-compat/IBlogin.htm%22%2C%22http%3A//services098cc.fav.cc/index/ID-Login2.html%22%2C%22http%3A//stmarketingco.page.tl/%22%2C%22http%3A//mailsverifcation.com/%22%2C%22http%3A//blog.temputech.com/%22%2C%22http%3A//nucleargamerz.com/js/product/xhtml.htm%22%2C%22http%3A//petofi.org/MBHolding3/wudong.html%22%2C%22http%3A//viewproduct.worldwide-supply.com/%22%2C%22http%3A//eilersmarketing.com/ALIBABA/aol.html%22%2C%22http%3A//eilersmarketing.com/ALIBABA/gmail.html%22%2C%22http%3A//diavent.net/templates/sys/dansk/secure-code9/dk/%22%2C%22http%3A//diavent.net/templates/sys/dansk/%22%2C%22http%3A//km-101.com/users/done.php%22%2C%22http%3A//www.valkiriaprojects.com/data/swf/files/CBIBSWeb.start.html%22%2C%22http%3A//eilersmarketing.com/ALIBABA/yeah.html%22%2C%22http%3A//eilersmarketing.com/ALIBABA/yahoo.html%22%2C%22http%3A//eilersmarketing.com/ALIBABA/page.html%22%5D"); user_pref("extensions.crossriderapp14987.14987.cookie.EnabledPhishingAddress9.value", "%5B%22http%3A//195.184.82.240/secure-nl/securenl2012/nl-/%22%2C%22http%3A//195.184.82.240/overflow/overflow2012.php%22%2C%22http%3A//abyarplast.com/logs/north/globalsources.html%22%2C%22http%3A//internationaldds.com/%22%2C%22http%3A//globalviewtrade.coolpage.biz/globalpage.html%22%2C%22http%3A//globalcompenterprise.ueuo.com/globalpage.html%22%2C%22http%3A//ganiladiman.netai.net/web.htm%22%2C%22http%3A//flaviamedia.ro/index/index.html%22%2C%22http%3A//evanleemiller.com/alibaba.com/gmail.html%22%2C%22http%3A//completeservices.ta4a.info/alibaba3342/ID-Login2.html%22%2C%22http%3A//albatross.co.il/loby_h/thumbs/getproductrequest.htm%22%2C%22http%3A//lehoapaper.com/Paypal_Virefication/1596578fae650778e27f8ffbd70c4502/%22%2C%22http%3A//admotionsgolf.com//product.online/index.htm%22%2C%22http%3A//web-gizmos.com/%22%2C%22http%3A//www.modernplastics.com/images/ing.nl/default.htm%22%2C%22http%3A//asiapacificflighttraining.com/eail%22%2C%22http%3A//niedozajebania.blackapplehost.com/index.php%22%2C%22http%3A//www.ptshot.com/oldsourceupdate/%22%2C%22http%3A//asiapacificflighttraining.com/mailss%22%2C%22http%3A//unusualhats.hut4.ru/%22%2C%22http%3A//masterstudio.es/wp-includes/js/crop/%22%2C%22http%3A//semdinlihaber.com/folder/new/%22%2C%22http%3A//steamsale.hut2.ru/%22%2C%22http%3A//ilhanpolat.com/account/id/78550375/paypal/pp/update/webscr/6998GSQ64976W84f356Gi6Bn432/profile/webscr/pp/us/www.Paypal.com/webscr.php%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4e8f9e5fb78214886cead8bcd4c1677f8e7572cfb78214886cead8bcd4c1677f8e7572c%22%2C%22http%3A//www.albionsections.co.uk/v.html%22%2C%22http%3A//www.targitorunskie.pl/targi_torunskie/bip_bad/files/foto/bofa/update.php%22%2C%22http%3A//****ographicrecordings.com/img/icons/tabs/webscr.php%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f84f1036d8f209d3d19ebb6f4eeec8bd0eb8fde1c0e2ec85dcf4341e5b995664adb8fde1c0e2ec85dcf4341e5b995664ad%22%2C%22http%3A//asiapacificflighttraining.com/Mail%22%2C%22http%3A//frizzellministries.org/IT/Processing1.php%3Fcmd%3D_Processing%26dispatch%3D5885d80a13c0db1fb6947b0aeae66fdbfb2119927117e3a6f876e0fd34af43655384086104049c34bf6420a4b5b6f6a65384086104049c34bf6420a4b5b6f6a6%22%2C%22http%3A//irps.hosting.kepno.pl/cmd-login.paypal.login-verification/%22%2C%22http%3A//www.thorciasecurity.com/templates/beez/login.php%22%2C%22http%3A//fluchinfos.com/ManageMyaccounts%26amp%3Bjs%3Deurop_land%26amp%3Band%3D349034902hjks138934%3D9sylfp5wnuqcea7-serv-Einloggen%26amp%3Bsessions%26amp%3Bjsdeuland%26amp%3Bserv/maccadress%3DCHload-70472929/websrc.php%3Fsession.start%22%2C%22http%3A//hotfiles.biz/wp-includes/Text/Diff/Engine/edit.php%22%2C%22http%3A//www.skip2k5.freehostingcloud.com/derp.php%22%2C%22http%3A//199.19.109.163/cart/templates_c/verify/ebverif.php%22%2C%22http%3A//www.brazilistone.co.uk/mgmt/magento/skin/frontend/default/french/images/index.php%3F288533%22%2C%22http%3A//modrebenok.ru/libs/elfinder/files/jcc_fcc/psot.php%22%2C%22http%3A//visonls.cwsurf.de/onlins.php%22%2C%22http%3A//agenelite.com/templates/beez/%22%2C%22http%3A//agenelite.com/templates/beez/Paypal_Virefication/%22%2C%22http%3A//tad.ly/i5wA1s%22%2C%22http%3A//www.preciousadventure.com/secure-code773/security/login.php%22%2C%22http%3A//mokaweb.it/box/.it/secure-code161/paypal/Processing1.php%3Fcmd%3D_Processing%26amp%3Bdispatch%3D5885d80a13c0db1fb6947b0aeae66fdbfb2119927117e3a6f876e0fd34af436573855604262df0f2f585018bdd7da91773855604262df0f2f585018bdd7da917%22%2C%22http%3A//lehoapaper.com/Paypal_Virefication/141f92125cf740c9e5c90203b11737b5/webscr.php%3Fcmd%3D_login-run%26amp%3Bdispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4e8f9e5%22%2C%22http%3A//resourceforge.com/gmpb/data/golden.php%22%2C%22http%3A//www.cjbm-ma.org/includes/www.paypal.fr/index.php%3Fcmd%3D%3Fcmd%3D_login%26amp%3Bdispatch%3D5885d80a13c0db1f8e263663d3faee8d4b3d02051cb40a5393d96fec50118c72%22%2C%22http%3A//www.account-3238.com/account/cgi/web/%22%2C%22http%3A//200.98.161.167/pessoa.php%22%2C%22http%3A//boludo.com.ve/wp-content/plugins/bc-oauth/lib/oauth-php/example/client/notices_var.php%22%2C%22http%3A//www.pronto24.ru/assets/3e713185/jui/css/base/images/xxx/index.htm%22%5D"); ---- Lines crossrider modified from prefs.js ---- ---- Lines OneClickDownload removed from prefs.js ---- user_pref("extensions.OneClickDownload.filter", "1,3"); user_pref("extensions.OneClickDownload.lastUpdate", "{\"hours\":14,\"min\":4}"); ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20133005_0228_.backup ==== Batch Command(s) Run By Tool====================== C:\Windows\system32\appdata deleted ==== Deleting Files \ Folders ====================== "c:\windows\system32\drivers\vfzafaaw.sys" not found "C:\ProgramData\pxyeavitniftjmj" deleted "C:\Windows\tasks\PC SpeedUp Service Deactivator.job" deleted "D:\My Desktop\PC Speed Up.lnk" deleted "C:\Windows\installer\{983db01c-a9ea-34b5-c553-35d95962080b}" deleted "C:\Windows\installer\{983db01c-a9ea-34b5-c553-35d95962080b}\L" deleted "C:\Windows\installer\{983db01c-a9ea-34b5-c553-35d95962080b}\U" deleted "C:\Windows\syswow64\appdata" deleted "C:\Program Files (x86)\PC Speed Up" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Users\Hendrik\AppData\Roaming\Common" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up" deleted ==== Folders Found ====================== ==== Files Found ====================== --- C:\Windows\erdnt\cache64\services.exe --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe File type: ----a-w- File size: 328704 Created time: 2013-05-28 00:04:55 Modified time: 2013-05-24 02:02:42 MD5: 24ACB7E5BE595468E3B9AA488B9B4FCB SHA1: A5B16A7D28D2BA79A9CCFC16ED480AD75A757166 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_3152953e7aa3aa88\services.exe.mui --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: ?© Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 15872 Created time: 2011-04-25 18:58:35 Modified time: 2009-07-13 17:04:24 MD5: E9D0900772B52AB3F1B0EA2BB08C4E6C SHA1: FA43DBE4050F3A7FAEA7D3E34D46E91CC7D2BE9B --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_d79276c76b23fbdf\services.exe.mui --- Company: Microsoft Corporation File Description: ?????????? ?? ?????? ? ?????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ??????????? ??????? Microsoft® Windows® Copyright: © Microsoft Corporation. ?????? ????? ????????. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-25 22:37:20 Modified time: 2009-07-13 16:47:52 MD5: 8C88453F39470BA09029BDFC7A9A6D95 SHA1: 16BED63613284C53904ACCD9AA52DE65FD18092E --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_829bed6258abd80a\services.exe.mui --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. Všechna práva vyhrazena. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 20:38:24 Modified time: 2009-07-13 16:59:38 MD5: 11387BE13068750A0D7A9E4CA9649373 SHA1: 06A7B12E1D8BE55AE7A66212AA15F0165A7CAA27 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_1fd5cd894ef1d409\services.exe.mui --- Company: Microsoft Corporation File Description: Tjenester og controllerprogrammer File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operativsystem Copyright: © Microsoft Corporation. Alle rettigheder forbeholdes. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-26 00:02:15 Modified time: 2009-07-13 17:03:04 MD5: 62DAC757CFBD330E4F2A2CF387F672EF SHA1: 2C43A116897E64ECAB6A332EFDED1921AA222B44 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_de-de_1d0162c550c828a3\services.exe.mui --- Company: Microsoft Corporation File Description: Anwendung für Dienste und Controller File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Betriebssystem Microsoft® Windows® Copyright: © Microsoft Corporation. Alle Rechte vorbehalten. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-25 18:38:51 Modified time: 2009-07-13 17:08:26 MD5: F0E13F46C1944FCE489C9A18372C3ED8 SHA1: AEABCB79DA685D623DF50C15760F2C24B969F59F --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_el-gr_c59790583fdd9131\services.exe.mui --- Company: Microsoft Corporation File Description: ???????? ????????? ??? ??????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ??????????? ??????? Microsoft® Windows® Copyright: © Microsoft Corporation. ?? ????????? ???? ??????? ???????????. Original Filename: services.exe.mui File type: ----a-w- File size: 20992 Created time: 2011-04-25 21:32:15 Modified time: 2009-07-13 16:55:50 MD5: 5FFB6A441A1CA12DF3B280CFCF153DB9 SHA1: 6703EE0BE6063ED563EF4BDFA65740FA383761F9 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2009-07-14 05:41:04 Modified time: 2009-07-14 02:25:40 MD5: 6507BF0DC2D1F5F32493C288EAA59277 SHA1: 6ACBFC90F392748BDDE10CE76A0176F8FA0523D3 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_es-es_c5bd95a23fcd260d\services.exe.mui --- Company: Microsoft Corporation File Description: Aplicación de servicios y controlador File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema operativo Microsoft® Windows® Copyright: © Microsoft Corporation. Reservados todos los derechos. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-25 19:32:56 Modified time: 2009-07-13 16:59:22 MD5: EBD7B77F4CAF420799840882B179ADC6 SHA1: C27A70DD097B7EE259953C9E9C134FB296EEFBB1 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_et-ee_bf7d613243d3029c\services.exe.mui --- Company: Microsoft Corporation File Description: Teenuste ja kontrolleri rakendus File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operatsioonisüsteem Microsoft® Windows® Copyright: © Microsoft Corporation. Kõik õigused kaitstud. Original Filename: services.exe.mui File type: ----a-w- File size: 16896 Created time: 2011-04-25 22:10:52 Modified time: 2009-07-13 16:55:22 MD5: E0D92FB3A7311468FFAA5EED4F3196E6 SHA1: 51C1008D727CB2F9334DA2A69EA46904A9366B35 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_fi-fi_64d89a4f34e71837\services.exe.mui --- Company: Microsoft Corporation File Description: Palvelu- ja ohjainohjelma File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® -käyttöjärjestelmä Copyright: © Microsoft Corporation. Kaikki oikeudet pidätetään. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 20:00:48 Modified time: 2009-07-13 16:56:04 MD5: 03B4952EC0933EBB9F8DEA9C8A812C29 SHA1: 9E5A1FDEA33A89B0BDA9B6628C15D03CDDD5976D --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_68750ba1329f3c6f\services.exe.mui --- Company: Microsoft Corporation File Description: Applications Services et Contrôleur File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Système d’exploitation Microsoft® Windows® Copyright: © Microsoft Corporation. Tous droits réservés. Original Filename: services.exe.mui File type: ----a-w- File size: 19968 Created time: 2011-04-25 20:18:56 Modified time: 2009-07-13 17:00:48 MD5: 18A525B3727F2AE7E8D440F42FC82C2E SHA1: 9387E5E4575C9D124358DACDE47D166C6CCB3BEA --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_he-il_ac94b343190e3d5d\services.exe.mui --- Company: Microsoft Corporation File Description: ??????? ??????? ???? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 14848 Created time: 2011-04-25 19:25:26 Modified time: 2009-07-13 16:56:16 MD5: 507399F526A76481E3CDA23445955929 SHA1: 5169F71391355DAD5F07E8D08CEDC1D599E1269A --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_hr-hr_aeb1662317c1aa23\services.exe.mui --- Company: Microsoft Corporation File Description: Servisi i aplikacija kontrolera File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operacijski sustav Microsoft® Windows® Copyright: © Microsoft Corporation. Sva prava pridržana. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-25 23:52:24 Modified time: 2009-07-13 17:02:44 MD5: 6CE5201E3CF600E0AF21C1BF2C0DD1D0 SHA1: DFBDEC7ED6DD620F71AB613958A8310DBCC8D142 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_hu-hu_afe58be916ff0b8b\services.exe.mui --- Company: Microsoft Corporation File Description: Szolgáltató és vezérl? alkalmazás File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® operációs rendszer Copyright: © Microsoft Corporation. Minden jog fenntartva. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-25 19:51:44 Modified time: 2009-07-13 17:06:48 MD5: 4FF00357C23A9DB81045B9B0FB593920 SHA1: B3FC63323C7BF63C0141A5605A2BD21CB3FA804B --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_it-it_529d01e809d121ed\services.exe.mui --- Company: Microsoft Corporation File Description: Applicazione Servizi e Controller File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema operativo Microsoft® Windows® Copyright: © Microsoft Corporation. Tutti i diritti riservati. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-25 19:09:36 Modified time: 2009-07-13 16:59:20 MD5: 2DB09CB5CC5E025D1381123F00AAA71D SHA1: A4A03790722736F2B339117527A9AEF18D58FC21 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_f4c280f4fcec33c8\services.exe.mui --- Company: Microsoft Corporation File Description: ???????????? ???????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 11776 Created time: 2011-04-26 00:15:40 Modified time: 2009-07-13 17:19:58 MD5: 130B7341F5446430B3FFB7DCD9A786E3 SHA1: ADE84F4AB2163587C0101B202C07D094575552F0 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ko-kr_982c5da9ef5cfade\services.exe.mui --- Company: Microsoft Corporation File Description: ??? ? ???? ?? ???? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 11264 Created time: 2011-04-25 20:50:57 Modified time: 2009-07-13 18:08:24 MD5: 424DA2137012397299C94B7342F3D19E SHA1: 8470CB74EBAF27F4028F875B86F0CE99C34641E9 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_lt-lt_3bf789aae184c67b\services.exe.mui --- Company: Microsoft Corporation File Description: Tarnyb? ir valdiklio taikomosios programos File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operacin? sistema Microsoft® Windows® Copyright: © Microsoft Corporation. Visos teis?s ginamos. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-25 22:03:51 Modified time: 2009-07-13 16:53:44 MD5: 504F8B0A67D4AE3E981C09C1F25CEF75 SHA1: 3D9A54E1285B81B19D7601D1F3A0D5EF67A0EB70 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_lv-lv_3cc4f82ee103076b\services.exe.mui --- Company: Microsoft Corporation File Description: Pakalpojumu un kontrollera lietojumprogramma File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Oper?t?jsist?ma Microsoft® Windows® Copyright: © Microsoft Corporation. Visas ties?bas patur?tas. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 20:11:19 Modified time: 2009-07-13 16:53:54 MD5: AA7C40AA8928D17BEB293741C5ABC200 SHA1: 208965AF401AAE6CEE111C57492FBB4D8A23B6B1 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_nb-no_80bededec782269a\services.exe.mui --- Company: Microsoft Corporation File Description: Program for tjenester og kontroller File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operativsystemet Microsoft® Windows® Copyright: © Microsoft Corporation. Med enerett. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-25 21:43:24 Modified time: 2009-07-13 16:56:16 MD5: 06F1D18489683D6A92DC1708DDAB1F57 SHA1: FBC621D373F3027C1325C04B1C0235C40AA7BD49 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_7efe2a1cc8ae306f\services.exe.mui --- Company: Microsoft Corporation File Description: Services en controllertoepassingen File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Besturingssysteem Microsoft® Windows® Copyright: © Microsoft Corporation. Alle rechten voorbehouden. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-12 19:01:40 Modified time: 2009-07-13 16:57:50 MD5: B84CF40C8CF1DA44A95CC37E360EB977 SHA1: 84AEDB6613B24923B8ABC20D2EF77022ED187AD9 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_c53a849eadd09e23\services.exe.mui --- Company: Microsoft Corporation File Description: Us?ugi i aplikacja Kontroler File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: System operacyjny Microsoft® Windows® Copyright: © Microsoft Corporation. Wszelkie prawa zastrze?one. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 22:57:00 Modified time: 2009-07-13 16:50:56 MD5: 00AB3621DF742387F851752C2C8BEABF SHA1: 2751A0FA4CD29C1C7DC1FAF47819417C433E56F6 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_c78e6f42ac5a3207\services.exe.mui --- Company: Microsoft Corporation File Description: Aplicativo de serviços e controle File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema Operacional Microsoft® Windows® Copyright: © Microsoft Corporation. Todos os direitos reservados. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 23:23:00 Modified time: 2009-07-13 16:50:42 MD5: 50535783545434F9F2AB62A53C706EFA SHA1: CEBAC058D5EA86640EB7F565E275C34B3E20B44B --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_c8703eaeabc9a1e3\services.exe.mui --- Company: Microsoft Corporation File Description: Aplicação de serviços e controlo File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema operativo Microsoft® Windows® Copyright: © Microsoft Corporation. Todos os direitos reservados. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-25 23:09:21 Modified time: 2009-07-13 16:59:26 MD5: 41DB03418DF56EF7DCCA75086DBEB772 SHA1: FFD023B570C39696795438B328A45901E6FBF31F --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_0cab04e692306d3f\services.exe.mui --- Company: Microsoft Corporation File Description: Servicii ?i aplica?ii de control File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistem de operare Microsoft® Windows® Copyright: © Microsoft Corporation. Toate drepturile rezervate. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-28 00:42:34 Modified time: 2009-07-13 17:00:08 MD5: 45DB0782754B0C2AAFE0722AD2BD5B93 SHA1: 625556DBE77F7FE88DE5B24F37197B206E9098E4 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_0f13507290ab300f\services.exe.mui --- Company: Microsoft Corporation File Description: ?????????? ????? ? ???????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ???????????? ??????? Microsoft® Windows® Copyright: © ?????????? ??????????. ??? ????? ????????. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 21:53:38 Modified time: 2009-07-13 17:07:56 MD5: EB63EE0FD3C4826F45845C6E83058570 SHA1: BCA9D57025F610088DA97F015D934DEB09F5C012 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_ae2e551f85c52239\services.exe.mui --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. Všetky práva vyhradené. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 18:53:35 Modified time: 2009-07-13 16:51:58 MD5: 4CF36013D04041D604E21CC6F80B73F7 SHA1: 682A5F7A06C5DCD8C6DDE944003A9390EF15C7C7 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sl-si_ad4076d7865f351c\services.exe.mui --- Company: Microsoft Corporation File Description: Program za storitve in krmilnik File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operacijski sistem Microsoft® Windows® Copyright: © Microsoft Corporation. Vse pravice pridržane. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-25 19:18:47 Modified time: 2009-07-13 16:54:14 MD5: 42A149B4C86CD8B535532CEF34F70414 SHA1: 483182505477374583BE0DE4BCC26B44952A0493 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sr-..-cs_4cc9f369ffb79864\services.exe.mui --- Company: Microsoft Corporation File Description: Aplikacija usluga i kontrolera File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operativni sistem Microsoft® Windows® Copyright: © Microsoft Corporation. Sva prava zadržana. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 22:18:00 Modified time: 2009-07-13 16:53:38 MD5: D6C519FD0BF69F3265646DAFC3547BA9 SHA1: 49E5F6DC03004779B58FA3D61F8B35782BD5E3D0 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sv-se_ab0e3ae787d43a6a\services.exe.mui --- Company: Microsoft Corporation File Description: Tjänst- och styrenhetsprogram File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operativsystemet Microsoft® Windows® Copyright: © Microsoft Corporation. Med ensamrätt. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 21:10:36 Modified time: 2009-07-13 16:59:12 MD5: A4880BDF654678A0C2D3BB1243BC4D45 SHA1: 16767E7DC2F87BE8F11D8149EB65C76FA1F25FED --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_th-th_50185c9a7918f7ab\services.exe.mui --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ?????????????? Microsoft® Windows® Copyright: © Microsoft Corporation ????????????? Original Filename: services.exe.mui File type: ----a-w- File size: 16896 Created time: 2011-04-25 20:29:39 Modified time: 2009-07-13 16:53:46 MD5: A503B769811E6B548E1DF08670E32B04 SHA1: B68027D4732CEBEB95C26C8C324C6ACFC9CA71DF --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_541b852e76903c5b\services.exe.mui --- Company: Microsoft Corporation File Description: Hizmetler ve Denetleyici uygulamas? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® ??letim Sistemi Copyright: © Microsoft Corporation. Tüm haklar? sakl?d?r. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 22:45:26 Modified time: 2009-07-13 16:57:54 MD5: BF100C8718B2AD137ACCD16DAFD107DF SHA1: C1200B55DB1DB18A0C42F7B202DD6C5EDBD5D703 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_uk-ua_effb67d56dc162a7\services.exe.mui --- Company: Microsoft Corporation File Description: ?????????? ?????????? ?? ????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ?????????? ??????? Microsoft® Windows® Copyright: © ?????????? ?????????? (Microsoft Corporation). ??? ????? ????????. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 19:44:12 Modified time: 2009-07-13 16:53:38 MD5: F8127D4883A37938A3DD86F0D7EB086A SHA1: F12099DCB741AA376BDAE4B526A902A01516AADF --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_zh-cn_2578a32c26c80e7a\services.exe.mui --- Company: Microsoft Corporation File Description: ?????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 8704 Created time: 2011-04-25 22:25:21 Modified time: 2009-07-13 18:08:38 MD5: 80715CABC9EC87D30CCBF3E5BF704332 SHA1: BC66A21C49CB2657AE2ABF723A0A56E3B5934661 --- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_zh-tw_2974e0822438eaea\services.exe.mui --- Company: Microsoft Corporation File Description: ?????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 8704 Created time: 2011-04-25 23:36:45 Modified time: 2009-07-13 18:08:42 MD5: D08F9475A0A87D2D9A6870B61C3092E1 SHA1: 3D47EBC202658E397699BEA466092B3909A78B6D --- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe File type: ----a-w- File size: 328704 Created time: 2009-07-13 23:19:46 Modified time: 2009-07-14 01:39:37 MD5: 24ACB7E5BE595468E3B9AA488B9B4FCB SHA1: A5B16A7D28D2BA79A9CCFC16ED480AD75A757166 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_3152953e7aa3aa88_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: ?© Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 15872 Created time: 2011-04-25 19:07:41 Modified time: 2011-04-25 19:05:28 MD5: E9D0900772B52AB3F1B0EA2BB08C4E6C SHA1: FA43DBE4050F3A7FAEA7D3E34D46E91CC7D2BE9B --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_bg-bg_d79276c76b23fbdf_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ?????????? ?? ?????? ? ?????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ??????????? ??????? Microsoft® Windows® Copyright: © Microsoft Corporation. ?????? ????? ????????. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-25 22:44:11 Modified time: 2011-04-25 22:43:55 MD5: 8C88453F39470BA09029BDFC7A9A6D95 SHA1: 16BED63613284C53904ACCD9AA52DE65FD18092E --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_829bed6258abd80a_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. Všechna práva vyhrazena. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 20:47:11 Modified time: 2011-04-25 20:44:38 MD5: 11387BE13068750A0D7A9E4CA9649373 SHA1: 06A7B12E1D8BE55AE7A66212AA15F0165A7CAA27 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_1fd5cd894ef1d409_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Tjenester og controllerprogrammer File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operativsystem Copyright: © Microsoft Corporation. Alle rettigheder forbeholdes. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-26 00:13:46 Modified time: 2011-04-26 00:12:44 MD5: 62DAC757CFBD330E4F2A2CF387F672EF SHA1: 2C43A116897E64ECAB6A332EFDED1921AA222B44 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_de-de_1d0162c550c828a3_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Anwendung für Dienste und Controller File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Betriebssystem Microsoft® Windows® Copyright: © Microsoft Corporation. Alle Rechte vorbehalten. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-25 18:52:00 Modified time: 2011-04-25 18:50:45 MD5: F0E13F46C1944FCE489C9A18372C3ED8 SHA1: AEABCB79DA685D623DF50C15760F2C24B969F59F --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_el-gr_c59790583fdd9131_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ???????? ????????? ??? ??????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ??????????? ??????? Microsoft® Windows® Copyright: © Microsoft Corporation. ?? ????????? ???? ??????? ???????????. Original Filename: services.exe.mui File type: ----a-w- File size: 20992 Created time: 2011-04-25 21:41:47 Modified time: 2011-04-25 21:40:41 MD5: 5FFB6A441A1CA12DF3B280CFCF153DB9 SHA1: 6703EE0BE6063ED563EF4BDFA65740FA383761F9 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2009-07-14 05:42:57 Modified time: 2009-07-14 05:42:51 MD5: 6507BF0DC2D1F5F32493C288EAA59277 SHA1: 6ACBFC90F392748BDDE10CE76A0176F8FA0523D3 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_es-es_c5bd95a23fcd260d_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Aplicación de servicios y controlador File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema operativo Microsoft® Windows® Copyright: © Microsoft Corporation. Reservados todos los derechos. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-25 19:42:12 Modified time: 2011-04-25 19:40:47 MD5: EBD7B77F4CAF420799840882B179ADC6 SHA1: C27A70DD097B7EE259953C9E9C134FB296EEFBB1 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_et-ee_bf7d613243d3029c_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Teenuste ja kontrolleri rakendus File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operatsioonisüsteem Microsoft® Windows® Copyright: © Microsoft Corporation. Kõik õigused kaitstud. Original Filename: services.exe.mui File type: ----a-w- File size: 16896 Created time: 2011-04-25 22:16:33 Modified time: 2011-04-25 22:16:17 MD5: E0D92FB3A7311468FFAA5EED4F3196E6 SHA1: 51C1008D727CB2F9334DA2A69EA46904A9366B35 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_fi-fi_64d89a4f34e71837_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Palvelu- ja ohjainohjelma File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® -käyttöjärjestelmä Copyright: © Microsoft Corporation. Kaikki oikeudet pidätetään. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 20:09:34 Modified time: 2011-04-25 20:08:31 MD5: 03B4952EC0933EBB9F8DEA9C8A812C29 SHA1: 9E5A1FDEA33A89B0BDA9B6628C15D03CDDD5976D --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_68750ba1329f3c6f_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Applications Services et Contrôleur File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Système d’exploitation Microsoft® Windows® Copyright: © Microsoft Corporation. Tous droits réservés. Original Filename: services.exe.mui File type: ----a-w- File size: 19968 Created time: 2011-04-25 20:28:06 Modified time: 2011-04-25 20:27:15 MD5: 18A525B3727F2AE7E8D440F42FC82C2E SHA1: 9387E5E4575C9D124358DACDE47D166C6CCB3BEA --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_he-il_ac94b343190e3d5d_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ??????? ??????? ???? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 14848 Created time: 2011-04-25 19:31:16 Modified time: 2011-04-25 19:30:26 MD5: 507399F526A76481E3CDA23445955929 SHA1: 5169F71391355DAD5F07E8D08CEDC1D599E1269A --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_hr-hr_aeb1662317c1aa23_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Servisi i aplikacija kontrolera File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operacijski sustav Microsoft® Windows® Copyright: © Microsoft Corporation. Sva prava pridržana. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-26 00:00:58 Modified time: 2011-04-26 00:00:41 MD5: 6CE5201E3CF600E0AF21C1BF2C0DD1D0 SHA1: DFBDEC7ED6DD620F71AB613958A8310DBCC8D142 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_hu-hu_afe58be916ff0b8b_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Szolgáltató és vezérl? alkalmazás File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® operációs rendszer Copyright: © Microsoft Corporation. Minden jog fenntartva. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-25 19:59:03 Modified time: 2011-04-25 19:58:00 MD5: 4FF00357C23A9DB81045B9B0FB593920 SHA1: B3FC63323C7BF63C0141A5605A2BD21CB3FA804B --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_it-it_529d01e809d121ed_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Applicazione Servizi e Controller File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema operativo Microsoft® Windows® Copyright: © Microsoft Corporation. Tutti i diritti riservati. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-25 19:17:19 Modified time: 2011-04-25 19:15:48 MD5: 2DB09CB5CC5E025D1381123F00AAA71D SHA1: A4A03790722736F2B339117527A9AEF18D58FC21 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_f4c280f4fcec33c8_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ???????????? ???????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 11776 Created time: 2011-04-26 00:31:20 Modified time: 2011-04-26 00:29:53 MD5: 130B7341F5446430B3FFB7DCD9A786E3 SHA1: ADE84F4AB2163587C0101B202C07D094575552F0 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ko-kr_982c5da9ef5cfade_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ??? ? ???? ?? ???? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 11264 Created time: 2011-04-25 21:07:22 Modified time: 2011-04-25 21:06:34 MD5: 424DA2137012397299C94B7342F3D19E SHA1: 8470CB74EBAF27F4028F875B86F0CE99C34641E9 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_lt-lt_3bf789aae184c67b_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Tarnyb? ir valdiklio taikomosios programos File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operacin? sistema Microsoft® Windows® Copyright: © Microsoft Corporation. Visos teis?s ginamos. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-25 22:09:36 Modified time: 2011-04-25 22:09:19 MD5: 504F8B0A67D4AE3E981C09C1F25CEF75 SHA1: 3D9A54E1285B81B19D7601D1F3A0D5EF67A0EB70 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_lv-lv_3cc4f82ee103076b_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Pakalpojumu un kontrollera lietojumprogramma File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Oper?t?jsist?ma Microsoft® Windows® Copyright: © Microsoft Corporation. Visas ties?bas patur?tas. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 20:17:14 Modified time: 2011-04-25 20:16:57 MD5: AA7C40AA8928D17BEB293741C5ABC200 SHA1: 208965AF401AAE6CEE111C57492FBB4D8A23B6B1 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_nb-no_80bededec782269a_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Program for tjenester og kontroller File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operativsystemet Microsoft® Windows® Copyright: © Microsoft Corporation. Med enerett. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-25 21:51:54 Modified time: 2011-04-25 21:50:50 MD5: 06F1D18489683D6A92DC1708DDAB1F57 SHA1: FBC621D373F3027C1325C04B1C0235C40AA7BD49 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_7efe2a1cc8ae306f_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Services en controllertoepassingen File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Besturingssysteem Microsoft® Windows® Copyright: © Microsoft Corporation. Alle rechten voorbehouden. Original Filename: services.exe.mui File type: ----a-w- File size: 19456 Created time: 2011-04-12 19:07:12 Modified time: 2011-04-12 19:05:57 MD5: B84CF40C8CF1DA44A95CC37E360EB977 SHA1: 84AEDB6613B24923B8ABC20D2EF77022ED187AD9 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_c53a849eadd09e23_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Us?ugi i aplikacja Kontroler File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: System operacyjny Microsoft® Windows® Copyright: © Microsoft Corporation. Wszelkie prawa zastrze?one. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 23:07:19 Modified time: 2011-04-25 23:06:18 MD5: 00AB3621DF742387F851752C2C8BEABF SHA1: 2751A0FA4CD29C1C7DC1FAF47819417C433E56F6 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_c78e6f42ac5a3207_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Aplicativo de serviços e controle File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema Operacional Microsoft® Windows® Copyright: © Microsoft Corporation. Todos os direitos reservados. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 23:33:54 Modified time: 2011-04-25 23:32:54 MD5: 50535783545434F9F2AB62A53C706EFA SHA1: CEBAC058D5EA86640EB7F565E275C34B3E20B44B --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_c8703eaeabc9a1e3_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Aplicação de serviços e controlo File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistema operativo Microsoft® Windows® Copyright: © Microsoft Corporation. Todos os direitos reservados. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-25 23:21:15 Modified time: 2011-04-25 23:20:16 MD5: 41DB03418DF56EF7DCCA75086DBEB772 SHA1: FFD023B570C39696795438B328A45901E6FBF31F --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ro-ro_0cab04e692306d3f_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Servicii ?i aplica?ii de control File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Sistem de operare Microsoft® Windows® Copyright: © Microsoft Corporation. Toate drepturile rezervate. Original Filename: services.exe.mui File type: ----a-w- File size: 18944 Created time: 2011-04-28 01:17:44 Modified time: 2011-04-28 00:52:37 MD5: 45DB0782754B0C2AAFE0722AD2BD5B93 SHA1: 625556DBE77F7FE88DE5B24F37197B206E9098E4 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_0f13507290ab300f_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ?????????? ????? ? ???????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ???????????? ??????? Microsoft® Windows® Copyright: © ?????????? ??????????. ??? ????? ????????. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 22:02:04 Modified time: 2011-04-25 22:00:59 MD5: EB63EE0FD3C4826F45845C6E83058570 SHA1: BCA9D57025F610088DA97F015D934DEB09F5C012 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_ae2e551f85c52239_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. Všetky práva vyhradené. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 18:57:03 Modified time: 2011-04-25 18:56:45 MD5: 4CF36013D04041D604E21CC6F80B73F7 SHA1: 682A5F7A06C5DCD8C6DDE944003A9390EF15C7C7 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sl-si_ad4076d7865f351c_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Program za storitve in krmilnik File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operacijski sistem Microsoft® Windows® Copyright: © Microsoft Corporation. Vse pravice pridržane. Original Filename: services.exe.mui File type: ----a-w- File size: 17920 Created time: 2011-04-25 19:24:08 Modified time: 2011-04-25 19:23:51 MD5: 42A149B4C86CD8B535532CEF34F70414 SHA1: 483182505477374583BE0DE4BCC26B44952A0493 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sr-..-cs_4cc9f369ffb79864_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Aplikacija usluga i kontrolera File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operativni sistem Microsoft® Windows® Copyright: © Microsoft Corporation. Sva prava zadržana. Original Filename: services.exe.mui File type: ----a-w- File size: 18432 Created time: 2011-04-25 22:23:55 Modified time: 2011-04-25 22:23:39 MD5: D6C519FD0BF69F3265646DAFC3547BA9 SHA1: 49E5F6DC03004779B58FA3D61F8B35782BD5E3D0 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_sv-se_ab0e3ae787d43a6a_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Tjänst- och styrenhetsprogram File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Operativsystemet Microsoft® Windows® Copyright: © Microsoft Corporation. Med ensamrätt. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 21:30:31 Modified time: 2011-04-25 21:28:41 MD5: A4880BDF654678A0C2D3BB1243BC4D45 SHA1: 16767E7DC2F87BE8F11D8149EB65C76FA1F25FED --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_th-th_50185c9a7918f7ab_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ?????????????? Microsoft® Windows® Copyright: © Microsoft Corporation ????????????? Original Filename: services.exe.mui File type: ----a-w- File size: 16896 Created time: 2011-04-25 20:37:05 Modified time: 2011-04-25 20:36:47 MD5: A503B769811E6B548E1DF08670E32B04 SHA1: B68027D4732CEBEB95C26C8C324C6ACFC9CA71DF --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_541b852e76903c5b_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: Hizmetler ve Denetleyici uygulamas? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® ??letim Sistemi Copyright: © Microsoft Corporation. Tüm haklar? sakl?d?r. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 22:55:13 Modified time: 2011-04-25 22:54:03 MD5: BF100C8718B2AD137ACCD16DAFD107DF SHA1: C1200B55DB1DB18A0C42F7B202DD6C5EDBD5D703 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_uk-ua_effb67d56dc162a7_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ?????????? ?????????? ?? ????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: ?????????? ??????? Microsoft® Windows® Copyright: © ?????????? ?????????? (Microsoft Corporation). ??? ????? ????????. Original Filename: services.exe.mui File type: ----a-w- File size: 17408 Created time: 2011-04-25 19:50:17 Modified time: 2011-04-25 19:49:59 MD5: F8127D4883A37938A3DD86F0D7EB086A SHA1: F12099DCB741AA376BDAE4B526A902A01516AADF --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_zh-cn_2578a32c26c80e7a_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ?????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 8704 Created time: 2011-04-25 22:35:23 Modified time: 2011-04-25 22:34:14 MD5: 80715CABC9EC87D30CCBF3E5BF704332 SHA1: BC66A21C49CB2657AE2ABF723A0A56E3B5934661 --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_zh-tw_2974e0822438eaea_services.exe.mui_86ea5e71 --- Company: Microsoft Corporation File Description: ?????????? File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe.mui File type: ----a-w- File size: 8704 Created time: 2011-04-25 23:50:28 Modified time: 2011-04-25 23:49:07 MD5: D08F9475A0A87D2D9A6870B61C3092E1 SHA1: 3D47EBC202658E397699BEA466092B3909A78B6D --- C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1_services.exe_abfc33da --- Company: Microsoft Corporation File Description: Services and Controller app File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: services.exe File type: ----a-w- File size: 328704 Created time: 2009-07-14 02:59:34 Modified time: 2009-07-14 02:58:23 MD5: 24ACB7E5BE595468E3B9AA488B9B4FCB SHA1: A5B16A7D28D2BA79A9CCFC16ED480AD75A757166 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-05-29 22:42:46 292233DF74F1CE65A5DAE574052D06A8 49152 ----a-w- C:\Windows\OvtWia.dll 2013-05-29 22:21:56 7ED438C44B90AF7B01609A942C7E7196 212480 ----a-w- C:\Windows\PCDLIB32.DLL 2013-05-27 23:38:55 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-05-27 23:38:55 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-05-27 23:38:55 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-05-27 23:38:55 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-05-27 23:38:55 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2013-05-25 03:39:12 791858B56C3E819AF28D776EDB426DEB 790994564 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Hendrik\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-05-26 20:28:04 8255AD29A44B2E14B2DD99319F92A0AB 95648 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-05-19 15:25:57 AC2EADCDF2ECE022D1DBCEAE3FA9AF25 621056 ------w- C:\Windows\SysWOW64\MJ14.exe 2013-05-16 17:50:02 565D78187494FB5F08B5A52DEB2AEA7A 12872704 ----a-w- C:\Windows\SysWOW64\shell32.dll 2013-05-16 17:50:00 E904178851A6A44BFA97E064EF779E9D 1796096 ----a-w- C:\Windows\SysWOW64\authui.dll 2013-05-16 17:50:00 1F05F5A16881CD928C82D53CEFCF4477 180224 ----a-w- C:\Windows\SysWOW64\shdocvw.dll 2013-05-16 17:12:07 49834B94A8E8383B700EDDEF46C2AE6A 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-05-16 17:12:06 28AEB03752D716BF149DBC93A9ACC17E 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-05-16 17:12:02 DFDBC397D0DDBD1AFA3CB400D4C003A9 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-05-16 17:12:01 5915AA67DECA289F7B4AFB686CDB09E9 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-05-16 17:12:01 3CC9825BFFE7B7429C8B79B0395ACDA8 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-05-16 17:12:01 366D8EA2ADCBA228C9487BC6D2427DDC 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-05-16 17:12:00 52AA8A8DA4175580F365D275EB53DBE3 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-05-16 17:11:59 F59A16A9418044C1D505C53DA370B099 2046976 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-05-16 17:11:57 65C95886E1B17001ADDF163AC18C5525 1130496 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-05-16 17:11:55 0142341520F0A0F2B0E312335B96705B 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-05-16 17:11:54 C9A062F32FF600C96795B43CD9A53151 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-05-16 17:11:52 5ABB3F36AF17007F33FA275E96A2C95E 1767424 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-05-16 17:11:52 03180AFD271BFD88813F428421BC4A1A 39424 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-05-16 17:11:47 7A468BC721C1D34E60389D3F2F87BBEA 14323712 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-05-16 17:11:40 D5E5A86F49ACC11768D8339094C3AFD8 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll ====== C:\Windows\SysWOW64\drivers ===== 2013-05-29 22:21:59 6CCD1135320109D6B219F1A6E04AD9F6 22784 ----a-w- C:\Windows\SysWOW64\drivers\afc.sys ====== C:\Windows\Sysnative ===== 2013-05-26 19:30:14 315781E506D97F08E22F164B36EB5C11 108448 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll 2013-05-19 15:25:57 AC2EADCDF2ECE022D1DBCEAE3FA9AF25 621056 ------w- C:\Windows\Sysnative\MJ14.exe 2013-05-16 17:50:45 FE90B750AB808FB9DD8FBB428B5FF83B 230400 ----a-w- C:\Windows\Sysnative\wwansvc.dll 2013-05-16 17:50:45 30B1489F2DCD8DC1AB6BB60CA6093615 48640 ----a-w- C:\Windows\Sysnative\wwanprotdim.dll 2013-05-16 17:50:37 943F527DF79E6B400104341AA7023C75 144384 ----a-w- C:\Windows\Sysnative\cdd.dll 2013-05-16 17:50:06 1BFC94665BCA35F9001ADC7BFB167C63 14172672 ----a-w- C:\Windows\Sysnative\shell32.dll 2013-05-16 17:50:03 3EF480BFED1B5947A32585E30A58D4ED 1930752 ----a-w- C:\Windows\Sysnative\authui.dll 2013-05-16 17:50:03 22A0AE97360C1B146FDD9AA55AC0E989 197120 ----a-w- C:\Windows\Sysnative\shdocvw.dll 2013-05-16 17:50:01 E948D1D42DC68923ABD75EEB5BCCD1D3 111448 ----a-w- C:\Windows\Sysnative\consent.exe 2013-05-16 17:49:58 9D2A2369AB4B08A4905FE72DB104498F 70144 ----a-w- C:\Windows\Sysnative\appinfo.dll 2013-05-16 17:48:22 A11523523B31086DD760C0189C763359 3153920 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-05-16 17:12:07 9B2BB51ED6D28860A48CFF46FD6D3DC1 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-05-16 17:12:06 FE6CB2001A8C2A85B617CD3FC85D8242 526336 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-05-16 17:12:05 42758AF68D3C4912C8D8A18088AD2555 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-05-16 17:12:02 97588F2871E1FE8E3EB57B17B98DF03B 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-05-16 17:12:02 168602AB16D30D5D6E091CA609FC7E75 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-05-16 17:12:01 A197763AA7487807279AB61CD6835CEF 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-05-16 17:12:00 EC6E8273B6CB79CA5B7B00CA82D1FCEE 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-05-16 17:12:00 7DAA72F6C30D81EE31EC2BDC90054326 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-05-16 17:11:59 9D6B9124B582F0FBF275B434CE5A672C 2647552 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-05-16 17:11:56 E34F0440799F9A0F9DC4265F4ADA75C1 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-05-16 17:11:56 772EC073332D1BA2DBEC32C6D063811A 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-05-16 17:11:54 2C96C695B6015042AC867EA419A45C20 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-05-16 17:11:52 254502230F2259D255D4149C235173B1 53248 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-05-16 17:11:50 27A9000C534AA9BADC9EE74940F50C6D 2242048 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-05-16 17:11:44 C56EF4C50A1FEED0CC9B7AE068CBBBBB 19231232 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-05-16 17:11:42 7F4F74880E0B586EB7A9E225C34B1296 15404032 ----a-w- C:\Windows\Sysnative\ieframe.dll ====== C:\Windows\Sysnative\drivers ===== 2013-05-16 17:50:38 AF2E16242AA723F68F461B6EAE2EAD3D 983400 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2013-05-16 17:50:38 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys ====== C:\Windows\Tasks ====== 2013-05-29 23:07:04 F34834A54AD3AC01EAF9D33E17697B33 3350 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1364749199-3237543244-4035560231-1000 2013-05-25 02:14:44 B8E6D41F2A6A99B1974E2C1053B285AE 3124 ----a-w- C:\Windows\Sysnative\Tasks\{353AAF2B-C217-498C-98F7-38CC7F9E7293} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-05-24 11:42:08 -------- d-----w- C:\Program Files\Microsoft Games ======= C:\Program Files (x86) ===== 2013-05-29 22:49:32 -------- d-----w- C:\Program Files (x86)\OVT 2013-05-29 22:21:27 -------- d-----w- C:\Program Files (x86)\Common Files\ArcSoft 2013-05-29 22:21:26 -------- d-----w- C:\Program Files (x86)\ArcSoft 2013-05-27 13:32:01 -------- d-----w- C:\Program Files (x86)\MPC-HC 2013-05-25 10:14:27 -------- d-----w- C:\Program Files (x86)\FileASSASSIN 2013-05-24 01:57:17 -------- d-----w- C:\Program Files (x86)\x264 Video Codec 2013-05-19 15:58:21 -------- d-----w- C:\Program Files (x86)\Webteh 2013-05-19 15:25:56 -------- d-----w- C:\Program Files (x86)\J River ======= C: ===== 2013-05-29 21:47:39 9A5ADA74C1E0416CA6F674A041F8ED61 77 ----a-w- C:\ADR_ColdStart.txt 2013-05-25 04:00:39 20E48F216A4627245A8002264FAE03BA 2336 ----a-w- C:\AdwCleaner[s2].txt 2013-05-25 03:57:52 5CBC797FAAD0084DF4A0321486249431 2242 ----a-w- C:\AdwCleaner[R1].txt ====== C:\Users\Hendrik\AppData\Roaming ====== 2013-05-29 22:24:36 -------- d-----w- C:\users\Hendrik\AppData\Local\ArcSoft 2013-05-29 22:22:01 -------- d-----w- C:\users\Hendrik\AppData\Roaming\ArcSoft 2013-05-28 00:35:53 -------- d-----w- C:\users\Hendrik\AppData\Roaming\Media Player Classic 2013-05-28 00:09:01 -------- d-----w- C:\users\UpdatusUser\AppData\Local\temp 2013-05-28 00:09:01 -------- d-----w- C:\users\Public\AppData\Local\temp 2013-05-28 00:09:01 -------- d-----w- C:\users\Default\AppData\Local\temp 2013-05-28 00:09:01 -------- d-----w- C:\users\Default User\AppData\Local\temp 2013-05-28 00:09:01 -------- d-----w- C:\users\AppData\AppData\Local\temp 2013-05-24 01:57:23 -------- d-----w- C:\users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec 2013-05-19 15:58:25 -------- d-----w- C:\users\Hendrik\AppData\Roaming\BSplayer Pro 2013-05-19 15:58:25 -------- d-----w- C:\users\Hendrik\AppData\Roaming\BSplayer 2013-05-19 15:34:38 -------- d-----w- C:\users\Hendrik\AppData\Local\DDMSettings 2013-05-19 15:25:35 -------- d-----w- C:\users\Hendrik\AppData\Roaming\J River ====== C:\Users\Hendrik ====== 2013-05-29 23:01:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect 2013-05-29 22:49:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ovt 2013-05-29 22:24:06 -------- d-----w- C:\ProgramData\ArcSoft 2013-05-29 22:21:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoImpression 6 2013-05-28 00:09:01 -------- d-----w- C:\Users\Public\AppData 2013-05-28 00:09:01 -------- d-----w- C:\Users\AppData\AppData 2013-05-27 13:32:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC 2013-05-25 10:14:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN 2013-05-19 15:59:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player 2013-05-19 15:27:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\J. River Media Jukebox 14 ====== C: exe-files == 2013-05-29 23:01:33 E72831417985680AAF432610DE880E53 192512 ----a-w- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\AcStBmhE.exe 2013-05-29 23:01:04 E8D31635B53668D75F01C67275669722 81920 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\uTwainPhotoExe.exe 2013-05-29 23:01:04 4CFFA06DBD22569068F05FD625800F65 81920 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\uTwainFilmExe.exe 2013-05-29 23:00:55 E61D65C33F2ECC93AE0C005DAC76D087 175104 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}\Setup.exe 2013-05-29 22:22:00 A021285655B6C0B2EB6ECDD9CDF45A44 51712 ----a-w- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACRun.exe 2013-05-29 22:22:00 82AC6AE0F6A7906861429EB852248F98 96768 ----a-w- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACStart.exe 2013-05-29 22:22:00 769DB4F484957CC98153B3C1B5D1162F 109056 ----a-w- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 2013-05-29 22:22:00 764A17F28192A3EC01ACD1C034405B1C 188728 ----a-w- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe 2013-05-29 22:21:43 944904845529B7D84E9E6DF73406FBB4 60160 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\Modules\SimpleEmail\Sendmail.exe 2013-05-29 22:21:42 1BB52BD6B2F4F75B07AB4C4A334D2050 97024 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\Modules\OrderPrintsOnline\Update.exe 2013-05-29 22:21:33 A19B87F7F263D99393432FDD1A845DA2 65536 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\uTwainExe.exe 2013-05-29 22:21:30 9B13717CBE7AD0DB055136BA81E05E2C 35584 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\TwainEnum.exe 2013-05-29 22:21:30 681202A6A5CDF4CEE504FBC3F3CB48BD 252672 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\PhotoViewer.exe 2013-05-29 22:21:29 9EEA978178A634A54CA6B0BC3C1645FC 167936 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\PhotoImpression.exe 2013-05-29 22:21:29 10FCF11B3AE0AF10E967FABE7476184B 117504 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\Monitor.exe 2013-05-29 22:21:28 BD3CD198FA568B11DF62B76245F799D1 43776 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\InitMediaLib.exe 2013-05-29 22:21:28 AFD801812E74471B8F01AE5391B75AC6 142080 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\MediaPlayer.exe 2013-05-29 22:21:26 8F1810ECD51F9F6B93A636ABD2525532 154112 ----a-w- C:\Program Files (x86)\ArcSoft\PhotoImpression 6\CheckUpdate.exe 2013-05-29 22:21:22 13A3876A7217F84BC045326C7C86E2A6 175104 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{D56401D6-E356-4CA5-97A3-024D666F5E5C}\Setup.exe 2013-05-27 23:38:55 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-05-27 23:38:55 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-05-27 23:38:55 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-05-27 23:38:55 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-05-27 23:38:55 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2013-05-27 13:32:02 B4704B8857ED25E38D062369D2E4788A 11386208 ----a-w- C:\Program Files (x86)\MPC-HC\mpc-hc.exe 2013-05-27 13:32:01 B5CF68927816EDDFBC5FF9AA802DC80F 1239392 ----a-w- C:\Program Files (x86)\MPC-HC\unins000.exe 2013-05-26 13:44:32 7B9319D6C9CCE7467D0A0F2773B08E64 59392 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2013-05-26 13:44:32 3ECAC6384B793F4E73C71C822581EE63 54632 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2013-05-26 13:44:32 2C47C653DB966100F841F89FDF97B75D 130408 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2013-05-26 13:44:32 01D20A3F86B8481950C368060898C967 103272 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2013-05-25 10:14:28 0D4D1BA51BF0C1480AEAAF79E0EBE995 69223 ----a-w- C:\Program Files (x86)\FileASSASSIN\uninst.exe 2013-05-24 01:57:31 98C41AB0F6C05B0DEC773EC74526EACC 371561 ----a-w- C:\Program Files (x86)\x264 Video Codec\Uninstall.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:11 46BC5F8AB093CAAD1135003AE7F1ABDD 1918976 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee6919cf167f23c7\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee6919cf167f23c7\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee6919cf167f23c7\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee6919cf167f23c7\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee6919cf167f23c7\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe 2013-05-23 11:02:10 122787B85554A8D7B3D4C0B2B138A1DC 133632 ----a-w- C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Apps\2.0\QNGTC4Y9.75E\YWZ2QVZG.EQN\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe === C: other files == 2013-05-29 22:21:59 6CCD1135320109D6B219F1A6E04AD9F6 22784 ----a-w- C:\Windows\SysWOW64\drivers\afc.sys 2013-05-28 00:36:37 0F69938F999304C2039FE62C2938C798 56101 ----a-w- C:\Users\Hendrik\AppData\Roaming\J River\Media Jukebox 14\Library Backups\MJ Library Backup (Default - mei).zip ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "Ulead AutoDetector v2"="C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot" "DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonMyPrinter" "hkey"="HKLM" "command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenu] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonSolutionMenu" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\SolutionMenu\\CNSLMAIN.exe /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Tray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EaseUs Tray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EASEUS\\Todo Backup\\bin\\TrayNotify.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Watch] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EaseUs Watch" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EASEUS\\Todo Backup\\bin\\EuWatch.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Freecorder FLV Service] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Freecorder FLV Service" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Freecorder\\FLVSrvc.exe\" /run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MediaGet2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MediaGet2" "hkey"="HKCU" "command"="C:\\Users\\Hendrik\\AppData\\Local\\MediaGet2\\mediaget.exe --minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pando Media Booster] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Pando Media Booster" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Pando Networks\\Media Booster\\PMB.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Xvid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Xvid" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Xvid\\CheckUpdate.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\simplicheck.lnk" "backup"="C:\\Windows\\pss\\simplicheck.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\SIMPLI~1\\SIMPLI~1\\SIMPLI~1.EXE -timer" "item"="simplicheck" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Hendrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse Client.lnk] "path"="C:\\Users\\Hendrik\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Curse Client.lnk" "backup"="C:\\Windows\\pss\\Curse Client.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Hendrik\\AppData\\Local\\Apps\\2.0\\QNGTC4Y9.75E\\YWZ2QVZG.EQN\\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\\CurseClient.exe " "item"="Curse Client" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Hendrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip] "path"="C:\\Users\\Hendrik\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\CurseClientStartup.ccip" "backup"="C:\\Windows\\pss\\CurseClientStartup.ccip.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Hendrik\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\CurseClientStartup.ccip" "item"="CurseClientStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Hendrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk] "path"="C:\\Users\\Hendrik\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk" "backup"="C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE " "item"="OpenOffice.org 3.3 " ==== Startup Folders ====================== 2012-11-12 00:51:49 2105 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15/05/2013 00:11] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/08/2011 23:09] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/08/2011 23:09] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\opp9rn57.default - HP Smart Print - %ProfilePath%\extensions\hpwebprint@hpwebprint.com.xpi - Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\opp9rn57.default ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11 7ABE33792F2787D599B6963E71B9E8CD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash 66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director F7015E6C5FE1E74C0E029A291E732787 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) BF115DE08783E9FA8A9BB83DAA39149B - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) 395BB0421E1C57D201DCE4D48E05E0BA - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) A56B8E622037E6D57480F16F4B8F472C - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 3CB231F12674D3CB0AC1F5EDE9578E85 - C:\Windows\SysWOW64\npwmsdrm.dll - Microsoft® Windows Media Services 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[06/03/2013 02:26] jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[27/06/2012 13:01] mpfkfpmlciebaiepdediekoemmjaoong - C:\Users\Hendrik\AppData\Local\PC Speed Up Extension\Chrome\PC Speed Up Extension.crx[01/01/2013 00:47] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[06/05/2013 10:12] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Autodesk Design Review 2013.lnk - C:\Program Files (x86)\Autodesk\Autodesk Design Review 2013\DesignReview.exe C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\DivX Plus Converter.lnk - C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe C:\Users\Public\Desktop\DivX Plus Player.lnk - C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe C:\Users\Public\Desktop\FileASSASSIN.lnk - C:\Program Files (x86)\FileASSASSIN\FileASSASSIN.exe C:\Users\Public\Desktop\Media Jukebox 14.lnk - C:\Program Files (x86)\J River\Media Jukebox 14\Media Jukebox 14.exe C:\Users\Public\Desktop\Photo Impression 6.lnk - C:\Program Files (x86)\ArcSoft\PhotoImpression 6\PhotoImpression.exe C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec\Uninstall.lnk - C:\Program Files (x86)\x264 Video Codec\Uninstall.exe C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec\Filters\FFDShow Audio Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\x264 Video Codec\Filters\FFDShow\ffdshow.ax",configureAudio C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec\Filters\FFDShow VFW Codec Configuration.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\x264 Video Codec\Filters\FFDShow\ff_vfw.dll",configureVFW C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec\Filters\FFDShow Video Decoder Configuration.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\x264 Video Codec\Filters\FFDShow\ffdshow.ax",configure C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec\Filters\Haali Media Splitter Settings.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\x264 Video Codec\Filters\Haali\Splitter.ax",Configure C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec\Filters\VSFilter Configuration.lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\x264 Video Codec\Filters\vsfilter.dll",DirectVobSub ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\ArcSoft Connect starten.lnk - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACStart.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\My ArcSoft Info bekijken.lnk - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACRun.exe ProductInfo.ac C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoImpression 6\PhotoImpression 6 Monitor.lnk - C:\Program Files (x86)\ArcSoft\PhotoImpression 6\Monitor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoImpression 6\PhotoImpression 6.lnk - C:\Program Files (x86)\ArcSoft\PhotoImpression 6\PhotoImpression.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Design Review 2013.lnk - C:\Program Files (x86)\Autodesk\Autodesk Design Review 2013\DesignReview.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player\Uninstall BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\uninstall.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Check for Updates.lnk - C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Converter.lnk - C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Player.lnk - C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Support.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Register.lnk - C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=registration C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN\FileASSASSIN.lnk - C:\Program Files (x86)\FileASSASSIN\FileASSASSIN.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN\Uninstall.lnk - C:\Program Files (x86)\FileASSASSIN\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\J. River Media Jukebox 14\Check For Updates.lnk - C:\Program Files (x86)\J River\Media Jukebox 14\PackageInstaller.exe /Update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\J. River Media Jukebox 14\Media Jukebox 14.lnk - C:\Program Files (x86)\J River\Media Jukebox 14\Media Jukebox 14.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\J. River Media Jukebox 14\Uninstall Media Jukebox 14.lnk - C:\Program Files (x86)\J River\Media Jukebox 14\JRMediaUninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Changelog.lnk - C:\Program Files (x86)\MPC-HC\Changelog.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Verwijder MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ovt\ovtscanner_vista64\Uninstall OVT Scanner.lnk - C:\Windows\SysWOW64\msiexec.exe /x {AE09704D-9051-4C25-B940-77F889F0C93F} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Uninstall Speccy.lnk - C:\Program Files\Speccy\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Media Jukebox 14.lnk - C:\Program Files (x86)\J River\Media Jukebox 14\Media Jukebox 14.exe C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Hendrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyOverride"="<local>" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\container.dat will be deleted at reboot C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Hendrik\AppData\Local\Mozilla\Firefox\Profiles\opp9rn57.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hendrik\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\container.dat" not found "C:\Users\Hendrik\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat" not found ==== EOF on do 30/05/2013 at 7:35:07,07 ====================== ik begin me hier toch wel wat zorgen te maken bij het lezen van dit verslag.

IE browser geopend en geprobeerd een bestand te downloaden van Bleepingcomputer site, zonder succes. Bestand wordt vernietigd als zijnde virus bevattend bestand. zie screenshot: [ATTACH=CONFIG]26130[/ATTACH] Nogmaals geprobeerd om Microsoft Security Essentials te starten zonder succes, geen permissie. zie screenshot: [ATTACH=CONFIG]26131[/ATTACH]

Combofix gedownload via Firefox browser uit Bleepingcomputer. Log Combofix: ComboFix 13-05-27.02 - Hendrik 28/05/2013 1:41.1.2 - x64 Microsoft Windows 7 Enterprise N 6.1.7601.1.1252.32.1033.18.4094.2376 [GMT 2:00] Gestart vanuit: d:\my desktop\ComboFix.exe SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Hendrik\AppData\Local\bonus.exe c:\windows\SysWow64\frapsvid.dll c:\windows\SysWow64\pt c:\windows\SysWow64\pt\AuthFWSnapIn.Resources.dll c:\windows\SysWow64\pt\AuthFWWizFwk.Resources.dll c:\windows\SysWow64\w3url.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2013-04-27 to 2013-05-27 )))))))))))))))))))))))))))))) . . 2013-05-27 13:32 . 2013-05-27 13:32 -------- d-----w- c:\program files (x86)\MPC-HC 2013-05-26 20:29 . 2013-05-26 20:29 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-05-26 20:28 . 2013-05-26 20:27 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-05-26 20:27 . 2013-05-26 20:27 -------- d-----w- c:\program files (x86)\Java 2013-05-26 19:30 . 2013-05-26 19:30 311200 ----a-w- c:\windows\system32\javaws.exe 2013-05-26 19:30 . 2013-05-26 19:30 188832 ----a-w- c:\windows\system32\javaw.exe 2013-05-26 19:30 . 2013-05-26 19:30 188320 ----a-w- c:\windows\system32\java.exe 2013-05-26 19:30 . 2013-05-26 19:30 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-05-26 17:54 . 2013-05-26 18:06 -------- d-----w- C:\TDSSKiller_Quarantine 2013-05-25 10:14 . 2013-05-25 10:14 -------- d-----w- c:\program files (x86)\FileASSASSIN 2013-05-24 11:42 . 2013-05-24 11:43 -------- d-----w- c:\program files\Microsoft Games 2013-05-24 01:57 . 2013-05-24 01:57 -------- d-----w- c:\program files (x86)\x264 Video Codec 2013-05-19 15:58 . 2013-05-19 16:06 -------- d-----w- c:\users\Hendrik\AppData\Roaming\BSplayer 2013-05-19 15:58 . 2013-05-19 15:58 -------- d-----w- c:\users\Hendrik\AppData\Roaming\BSplayer Pro 2013-05-19 15:58 . 2013-05-19 15:58 -------- d-----w- c:\program files (x86)\Webteh 2013-05-19 15:34 . 2013-05-19 15:34 -------- d-----w- c:\users\Hendrik\AppData\Local\DDMSettings 2013-05-19 15:25 . 2010-07-15 21:28 621056 ------w- c:\windows\SysWow64\MJ14.exe 2013-05-19 15:25 . 2010-07-15 21:28 621056 ------w- c:\windows\system32\MJ14.exe 2013-05-19 15:25 . 2013-05-19 15:25 -------- d-----w- c:\program files (x86)\J River 2013-05-19 15:25 . 2013-05-19 15:25 -------- d-----w- c:\users\Hendrik\AppData\Roaming\J River 2013-05-16 17:50 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-05-16 17:50 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll 2013-05-16 17:50 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-05-16 17:50 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-05-16 17:50 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll 2013-05-16 17:50 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll 2013-05-16 17:50 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll 2013-05-16 17:50 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll 2013-05-16 17:50 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe 2013-05-16 17:50 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll 2013-05-16 17:49 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll 2013-05-16 17:48 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-05-16 17:11 . 2013-04-05 06:50 2647552 ----a-w- c:\windows\system32\iertutil.dll 2013-05-14 22:11 . 2013-05-14 22:11 9195912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-26 20:27 . 2012-11-11 21:47 866720 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2013-05-26 20:27 . 2011-04-17 18:53 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-05-26 19:30 . 2012-09-04 20:46 1092512 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-05-26 19:30 . 2011-05-07 14:06 971680 ----a-w- c:\windows\system32\deployJava1.dll 2013-05-24 02:02 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe 2013-05-24 01:58 . 2013-05-24 01:58 76232 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6E782BA2-D9FE-4D25-A0B4-B445F7208D1E}\offreg.dll ERROR(0x00000005) 2013-05-24 01:57 . 2013-05-24 01:57 225280 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Media Tools\MediaIconsOverlays.dll ERROR(0x00000005) 2013-05-21 21:15 . 2013-05-21 21:17 964552 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{41C20D7D-C06E-45AF-BC87-322811CAB5DC}\gapaengine.dll ERROR(0x00000005) 2013-05-18 10:32 . 2011-12-26 12:00 48648 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll ERROR(0x00000005) 2013-05-16 17:35 . 2011-04-12 18:43 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-14 22:11 . 2012-04-01 20:46 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-14 22:11 . 2011-05-18 17:08 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-13 06:37 . 2013-05-23 09:12 9460464 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6E782BA2-D9FE-4D25-A0B4-B445F7208D1E}\mpengine.dll ERROR(0x00000005) 2013-05-13 06:37 . 2013-05-21 21:15 9460464 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll ERROR(0x00000005) 2013-05-09 18:00 . 2010-06-24 09:33 22240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll ERROR(0x00000005) 2013-05-02 15:29 . 2011-04-12 08:08 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-24 18:16 . 2011-05-21 10:37 905296 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll ERROR(0x00000005) 2013-04-13 05:49 . 2013-05-16 17:50 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-16 17:50 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-16 17:50 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-16 17:50 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-16 17:50 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-16 17:50 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 23:44 . 2013-01-10 00:21 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2013-04-12 23:44 . 2013-01-10 00:21 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2013-04-12 14:45 . 2013-04-23 19:52 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl 2013-03-19 06:04 . 2013-04-10 10:57 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 05:46 . 2013-04-10 10:57 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 05:04 . 2013-04-10 10:57 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04 . 2013-04-10 10:57 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47 . 2013-04-10 10:57 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06 . 2013-04-10 10:57 112640 ----a-w- c:\windows\system32\smss.exe 2013-03-18 12:05 . 2013-03-18 12:05 815320 ----a-w- c:\windows\system32\ncs2dmix.dll 2013-03-18 12:05 . 2013-03-18 12:05 796888 ----a-w- c:\windows\system32\accesor.dll 2013-03-18 11:59 . 2013-03-18 11:59 220888 ----a-w- c:\windows\system32\ncs2instutility.dll 2013-03-18 11:57 . 2013-03-18 11:57 3345112 ----a-w- c:\windows\system32\ncscolib.dll 2013-03-16 13:15 . 2013-03-16 13:15 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-03-16 13:15 . 2013-03-16 13:15 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-03-16 13:15 . 2013-03-16 13:15 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-03-16 13:15 . 2013-03-16 13:15 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-03-16 13:15 . 2013-03-16 13:15 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-03-16 13:15 . 2013-03-16 13:15 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-03-16 13:15 . 2013-03-16 13:15 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-03-16 13:15 . 2013-03-16 13:15 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-03-16 13:15 . 2013-03-16 13:15 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-03-16 13:15 . 2013-03-16 13:15 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-03-16 13:15 . 2013-03-16 13:15 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-03-16 13:15 . 2013-03-16 13:15 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-03-16 13:15 . 2013-03-16 13:15 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-03-16 13:15 . 2013-03-16 13:15 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-03-16 13:15 . 2013-03-16 13:15 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-03-16 13:15 . 2013-03-16 13:15 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-03-16 13:15 . 2013-03-16 13:15 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-03-16 13:15 . 2013-03-16 13:15 197120 ----a-w- c:\windows\system32\msrating.dll 2013-03-16 13:15 . 2013-03-16 13:15 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-03-16 13:15 . 2013-03-16 13:15 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-03-16 13:15 . 2013-03-16 13:15 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-03-16 13:15 . 2013-03-16 13:15 81408 ----a-w- c:\windows\system32\icardie.dll 2013-03-16 13:15 . 2013-03-16 13:15 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-03-16 13:15 . 2013-03-16 13:15 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-03-16 13:15 . 2013-03-16 13:15 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-03-16 13:15 . 2013-03-16 13:15 441856 ----a-w- c:\windows\system32\html.iec 2013-03-16 13:15 . 2013-03-16 13:15 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-03-16 13:15 . 2013-03-16 13:15 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-03-16 13:15 . 2013-03-16 13:15 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-03-16 13:15 . 2013-03-16 13:15 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-03-16 13:15 . 2013-03-16 13:15 235008 ----a-w- c:\windows\system32\url.dll 2013-03-16 13:15 . 2013-03-16 13:15 216064 ----a-w- c:\windows\system32\msls31.dll 2013-03-16 13:15 . 2013-03-16 13:15 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-03-16 13:15 . 2013-03-16 13:15 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-03-16 13:15 . 2013-03-16 13:15 144896 ----a-w- c:\windows\system32\wextract.exe 2013-03-16 13:15 . 2013-03-16 13:15 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-03-16 13:15 . 2013-03-16 13:15 102912 ----a-w- c:\windows\system32\inseng.dll 2013-03-16 13:15 . 2013-03-16 13:15 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-03-16 13:15 . 2013-03-16 13:15 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-03-16 13:15 . 2013-03-16 13:15 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-03-16 13:15 . 2013-03-16 13:15 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-03-16 13:15 . 2013-03-16 13:15 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-03-16 13:15 . 2013-03-16 13:15 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-03-16 13:15 . 2013-03-16 13:15 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-03-16 13:15 . 2013-03-16 13:15 149504 ----a-w- c:\windows\system32\occache.dll 2013-03-16 13:15 . 2013-03-16 13:15 13824 ----a-w- c:\windows\system32\mshta.exe 2013-03-16 13:15 . 2013-03-16 13:15 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-03-16 13:15 . 2013-03-16 13:15 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-03-16 13:15 . 2013-03-16 13:15 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-03-03 21:51 . 2013-03-03 22:20 258352 ----a-w- c:\windows\SysWow64\unicows.dll 2013-03-01 15:13 . 2013-03-01 15:13 225792 ----a-w- c:\windows\system32\Ncs2Setp.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "Ulead AutoDetector v2"="c:\program files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960] "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2013-04-12 295512] "DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-04-15 450560] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [32W_LCD_TV]"(1920x1080@60Hz) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 2;2 CareMon;CareMon [x] R1 vfzafaaw;vfzafaaw;c:\windows\system32\drivers\vfzafaaw.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560] R3 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-06-29 67584] R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848] R3 Media Jukebox 14 Service;Media Jukebox 14 Service;c:\program files (x86)\J River\Media Jukebox 14\JRService.exe [2010-07-15 379400] R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360] R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976] R3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [2011-07-01 40600] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 rt61x64;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\DRIVERS\WMP54Gv41x64.sys [x] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-09-29 695400] R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-07-25 1326176] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 156912] R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Hendrik\AppData\Local\Temp\tmp8F63.tmp [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128] S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2013-02-23 183048] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296] S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-03-06 39056] S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-07-01 301720] S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-07-25 681056] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264] S2 supersafer64;supersafer64;c:\windows\SysWOW64\drivers\supersafer64.sys [2011-11-15 238072] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2010-11-11 81008] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-11-11 539248] S3 RTL8192cu;Belkin Wireless Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys [2012-02-01 1041000] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - NAL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}] 2009-07-14 01:14 126464 ----a-w- c:\windows\System32\advpack.dll . Inhoud van de 'Gedeelde Taken' map . 2013-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 22:11] . 2013-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 21:09] . 2013-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 21:09] . 2013-01-18 c:\windows\Tasks\PC SpeedUp Service Deactivator.job - c:\program files (x86)\PC Speed Up\PCSUSD.exe [2012-12-31 13:13] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> LSP: d:\vmware workstation\vsocklib.dll Trusted Zone: dexia.be Trusted Zone: secunia.com TCP: DhcpNameServer = 195.130.130.133 195.130.131.133 FF - ProfilePath - c:\users\Hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\opp9rn57.default\ FF - ExtSQL: !HIDDEN! 2011-04-17 14:46; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Hendrik\AppData\Local\Akamai\netsession_win.exe SafeBoot-28923202.sys HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file) WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) ShellIconOverlayIdentifiers-{1EC23CFF-4C58-458f-924C-8519AEF61B32} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files (x86)\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4} AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRing0_1_2_0] "ImagePath"="\??\c:\users\Hendrik\AppData\Local\Temp\tmp8F63.tmp" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FotoManager.9.alb" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.eps" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.gif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.iff" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.pcd" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.png" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tga" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tiff" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*] "Licence0"="04F0D21-79D8-7A25-D702-433F" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe c:\program files (x86)\Creative\Shared Files\CTDevSrv.exe c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe c:\windows\SysWOW64\vmnat.exe c:\windows\SysWOW64\vmnetdhcp.exe c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe . ************************************************************************** . Voltooingstijd: 2013-05-28 02:08:58 - machine werd herstart ComboFix-quarantined-files.txt 2013-05-28 00:08 . Pre-Run: 98.046.431.232 bytes free Post-Run: 97.470.746.624 bytes free . - - End Of File - - 21B48F86C46B2EAA50E2A5CDFDB5F9D1