Posted: (edited)

I keep getting a trojan horse warning. The warning is in the file services.exe (see title).

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:54:59, on 15-8-2012

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16447)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={4BE7BB38-D645-4924-A59D-47C5813159D3}&mid=509f89a0fe3947d1abe4cd3c4e3aa480-93140327d5ee4fb7b069a0795f5363137aeda013&lang=en&ds=pp011&pr=sa&d=2012-07-24 12:27:00&v=12.1.0.21&sap=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/howfytdl/{AE8A783F-7EB9-4A9B-8FED-E52CBD9EE5DC}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (file missing)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)

O3 - Toolbar: (no name) - !{338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14342 bytes

edited by Apie3procent
Posted:

Hi Apie3procent

welcome to PCH.

I have created a topic of your own for you... posting new logs in other people's ongoing topics usually only creates confusion.

While waiting for the analysis of your log, have a read through this (click on it) Welcome Guide, then you will be fully up to speed...

Posted:

Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/howfytdl/{AE8A783F-7EB9-4A9B-8FED-E52CBD9EE5DC}

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (file missing)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll (file missing)

O3 - Toolbar: (no name) - !{338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running, as this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

Posted:

ComboFix 12-08-14.05 - Bram J 15-08-2012 14:41:04.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3948.2697 [GMT 2:00]

Gestart vanuit: c:\users\Bram J\Desktop\ComboFix.exe

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Voorgaande Run -------

.

c:\programdata\560d580e5f2ce5fbba020b41f9622db9_c

c:\programdata\FullRemove.exe

c:\users\Bram J\ia_remove.sh6429.tmp

c:\users\Bram J\ia_remove.sh6554.tmp

c:\windows\assembly\GAC_32\Desktop.ini

c:\windows\assembly\GAC_64\Desktop.ini

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\@

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\L\00000004.@

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\L\201d3dde

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\U\00000004.@

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\U\00000008.@

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\U\000000cb.@

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\U\80000000.@

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\U\80000032.@

c:\windows\Installer\{8349a64e-639b-ced1-041b-99b3950e9f4d}\U\80000064.@

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-15 to 2012-08-15 ))))))))))))))))))))))))))))))

.

.

2012-08-15 12:44 . 2012-08-15 12:44 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-15 12:14 . 2012-08-15 12:14 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-08-15 08:46 . 2012-08-15 08:46 388096 ----a-r- c:\users\Bram J\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-15 08:46 . 2012-08-15 08:46 -------- d-----w- c:\program files (x86)\Trend Micro

2012-08-14 18:31 . 2012-08-14 18:31 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-08-14 18:23 . 2012-08-14 18:25 -------- d-----w- c:\programdata\Windows Codecs

2012-08-14 16:57 . 2012-08-14 16:57 -------- d-----w- c:\users\Bram J\AppData\Local\Wajam

2012-08-14 16:46 . 2012-06-09 17:21 178688 ----a-w- c:\windows\SysWow64\unrar.dll

2012-07-27 07:41 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll

2012-07-24 19:01 . 2012-08-01 07:55 -------- d-----w- c:\program files (x86)\GameSpy Arcade

2012-07-24 18:58 . 2012-07-24 18:58 -------- d-----w- c:\program files (x86)\Aspyr

2012-07-23 16:32 . 2012-07-23 16:32 -------- d-----w- c:\users\Bram J\AppData\Roaming\cerasus.media

2012-07-23 16:32 . 2012-07-23 16:32 -------- d-----w- C:\Downloads

2012-07-23 16:24 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe

2012-07-23 16:24 . 2012-07-23 16:41 -------- d-----w- c:\users\Bram J\AppData\Roaming\systweak

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 10:50 . 2012-04-03 06:09 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 10:50 . 2011-08-21 12:42 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-16 06:06 . 2012-07-16 06:06 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-07-16 06:06 . 2011-09-28 20:27 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-13 19:20 . 2012-07-13 19:20 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-06-29 15:34 . 2012-02-24 16:49 560184 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-12 03:02 . 2012-07-12 18:47 3147264 ----a-w- c:\windows\system32\win32k.sys

2012-06-09 05:30 . 2012-07-11 06:19 14165504 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 05:50 . 2012-07-11 06:19 2003968 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 05:50 . 2012-07-11 06:19 1880064 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 05:09 . 2012-07-11 06:19 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:09 . 2012-07-11 06:19 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-02 22:19 . 2012-06-21 06:33 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 06:33 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 06:33 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 06:33 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 06:33 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-21 06:33 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 06:33 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-21 06:33 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-21 06:33 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 12:49 . 2012-07-12 17:48 17807360 ----a-w- c:\windows\system32\mshtml.dll

2012-06-02 12:17 . 2012-07-12 17:48 10924032 ----a-w- c:\windows\system32\ieframe.dll

2012-06-02 12:12 . 2012-07-12 18:43 2311680 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 12:05 . 2012-07-12 18:43 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-06-02 12:05 . 2012-07-12 18:43 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 12:04 . 2012-07-12 18:43 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 12:04 . 2012-07-12 18:43 237056 ----a-w- c:\windows\system32\url.dll

2012-06-02 12:03 . 2012-07-12 18:43 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-06-02 12:01 . 2012-07-12 18:43 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 12:00 . 2012-07-12 18:43 818688 ----a-w- c:\windows\system32\jscript.dll

2012-06-02 11:59 . 2012-07-12 18:43 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-06-02 11:57 . 2012-07-12 18:43 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-06-02 11:57 . 2012-07-12 18:43 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 11:54 . 2012-07-12 18:43 248320 ----a-w- c:\windows\system32\ieui.dll

2012-06-02 08:33 . 2012-07-12 18:43 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-06-02 08:25 . 2012-07-12 18:43 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-06-02 08:25 . 2012-07-12 18:43 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-06-02 08:20 . 2012-07-12 18:43 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-06-02 08:16 . 2012-07-12 18:43 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-06-02 05:38 . 2012-07-11 06:19 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:38 . 2012-07-11 06:19 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:37 . 2012-07-11 06:19 459216 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:27 . 2012-07-11 06:19 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:27 . 2012-07-11 06:19 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:48 . 2012-07-11 06:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:48 . 2012-07-11 06:19 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:47 . 2012-07-11 06:19 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:42 . 2012-07-11 06:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-15_12.30.35 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-02-22 12:46 . 2012-08-15 12:31 68868 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-15 12:31 33370 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-08-13 14:20 . 2012-08-15 12:31 21844 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1115853856-1195314668-1870524670-1001_UserData.bin

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Windows Codecs]

@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"

[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]

2012-08-14 18:23 172032 ----a-w- c:\programdata\Windows Codecs\MediaShellOverlays.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [bU]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]

"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-02-24 1078352]

"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [bU]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [bU]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [bU]

"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [bU]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-15 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-13 283200]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-02-24 347216]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-06 868224]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]

S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]

S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]

S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2011-01-20 52264]

S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2011-01-14 85544]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 10:50]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-06 860040]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-12 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-12 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-12 418840]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Bijkomende Scan -------

.

uStart Page = https://isearch.avg.com/?cid={4BE7BB38-D645-4924-A59D-47C5813159D3}&mid=509f89a0fe3947d1abe4cd3c4e3aa480-93140327d5ee4fb7b069a0795f5363137aeda013&lang=en&ds=pp011&pr=sa&d=2012-07-24 12:27&v=12.1.0.21&sap=hp

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.16.4

FF - ProfilePath - c:\users\Bram J\AppData\Roaming\Mozilla\Firefox\Profiles\572zue3t.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid={4BE7BB38-D645-4924-A59D-47C5813159D3}&mid=509f89a0fe3947d1abe4cd3c4e3aa480-93140327d5ee4fb7b069a0795f5363137aeda013&lang=nl&ds=AVG&pr=fr&d=2012-08-15 14:07&v=12.2.0.5&sap=ku&q=

FF - prefs.js: network.proxy.type - 0

FF - user.js: extentions.y2layers.installId - 17575d9c-1283-4a30-8f02-b10cadb79915

FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube

FF - user.js: extensions.autoDisableScopes - 14

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111304&tt=190712_n_mont_3012_4

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=

FF - user.js: extensions.BabylonToolbar.id - 1875b2f9000000000000ec55f9172059

FF - user.js: extensions.BabylonToolbar.instlDay - 15544

FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1

FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.118:24

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

Toolbar-!{338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

AddRemove-Sportlink Club - c:\windows\system32\javaws.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1115853856-1195314668-1870524670-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (S-1-5-21-1115853856-1195314668-1870524670-1001)

@Denied: (2) (LocalSystem)

"Progid"="Outlook.File.eml.14"

.

[HKEY_USERS\S-1-5-21-1115853856-1195314668-1870524670-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (S-1-5-21-1115853856-1195314668-1870524670-1001)

@Denied: (2) (LocalSystem)

"Progid"="Outlook.File.vcf.14"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-08-15 15:05:47

ComboFix-quarantined-files.txt 2012-08-15 13:05

.

Pre-Run: 505.766.912.000 bytes beschikbaar

Post-Run: 505.464.082.432 bytes beschikbaar

.

- - End Of File - - 24B6EC23EE7880F3079A10285C6BD167

Posted:

Open a Notepad file.

Copy and paste the bold text below into it.

Firefox::

FF - ProfilePath - c:\users\Bram J\AppData\Roaming\Mozilla\Firefox\Profiles\572zue3t.default\

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111304&tt=190712_n_mont_3012_4

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=

FF - user.js: extensions.BabylonToolbar.id - 1875b2f9000000000000ec55f9172059

FF - user.js: extensions.BabylonToolbar.instlDay - 15544

FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1

FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.118:24

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

Save this file to your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe.

This will make ComboFix restart. Reboot if you are asked to.

Download TDSSKiller and place it on your desktop.

Extract the files in tdsskiller.zip.

Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

Windows 7 and Windows Vista users:

Right-click TDSSKiller.exe -> Run as administrator to start the tool.

If TDSSKiller reports that an update is available, install it first.

Click the "Start Scan" button and follow the instructions.

When the scan is finished, click the "Report" button.

A Notepad file opens. Post the contents of this file.

Restart the PC if TDSSKiller offers that option. (Reboot now)

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

Posted:

ComboFix log

ComboFix 12-08-14.05 - Bram J 15-08-2012 15:58:40.3.4 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3948.2490 [GMT 2:00]

Gestart vanuit: c:\users\Bram J\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Bram J\Desktop\CFScript.txt

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-15 to 2012-08-15 ))))))))))))))))))))))))))))))

.

.

2012-08-15 14:01 . 2012-08-15 14:01 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-15 12:14 . 2012-08-15 12:14 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-08-15 08:46 . 2012-08-15 08:46 388096 ----a-r- c:\users\Bram J\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-15 08:46 . 2012-08-15 08:46 -------- d-----w- c:\program files (x86)\Trend Micro

2012-08-14 18:31 . 2012-08-14 18:31 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-08-14 18:23 . 2012-08-14 18:25 -------- d-----w- c:\programdata\Windows Codecs

2012-08-14 16:57 . 2012-08-14 16:57 -------- d-----w- c:\users\Bram J\AppData\Local\Wajam

2012-08-14 16:46 . 2012-06-09 17:21 178688 ----a-w- c:\windows\SysWow64\unrar.dll

2012-07-27 07:41 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll

2012-07-27 07:41 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll

2012-07-24 19:01 . 2012-08-01 07:55 -------- d-----w- c:\program files (x86)\GameSpy Arcade

2012-07-24 18:58 . 2012-07-24 18:58 -------- d-----w- c:\program files (x86)\Aspyr

2012-07-23 16:32 . 2012-07-23 16:32 -------- d-----w- c:\users\Bram J\AppData\Roaming\cerasus.media

2012-07-23 16:32 . 2012-07-23 16:32 -------- d-----w- C:\Downloads

2012-07-23 16:24 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe

2012-07-23 16:24 . 2012-07-23 16:41 -------- d-----w- c:\users\Bram J\AppData\Roaming\systweak

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 10:50 . 2012-04-03 06:09 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 10:50 . 2011-08-21 12:42 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-16 06:06 . 2012-07-16 06:06 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-07-16 06:06 . 2011-09-28 20:27 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-13 19:20 . 2012-07-13 19:20 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-06-29 15:34 . 2012-02-24 16:49 560184 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-12 03:02 . 2012-07-12 18:47 3147264 ----a-w- c:\windows\system32\win32k.sys

2012-06-09 05:30 . 2012-07-11 06:19 14165504 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 05:50 . 2012-07-11 06:19 2003968 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 05:50 . 2012-07-11 06:19 1880064 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 05:09 . 2012-07-11 06:19 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:09 . 2012-07-11 06:19 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-02 22:19 . 2012-06-21 06:33 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 06:33 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 06:33 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 06:33 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 06:33 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-21 06:33 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 06:33 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-21 06:33 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-21 06:33 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 12:49 . 2012-07-12 17:48 17807360 ----a-w- c:\windows\system32\mshtml.dll

2012-06-02 12:17 . 2012-07-12 17:48 10924032 ----a-w- c:\windows\system32\ieframe.dll

2012-06-02 12:12 . 2012-07-12 18:43 2311680 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 12:05 . 2012-07-12 18:43 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-06-02 12:05 . 2012-07-12 18:43 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 12:04 . 2012-07-12 18:43 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 12:04 . 2012-07-12 18:43 237056 ----a-w- c:\windows\system32\url.dll

2012-06-02 12:03 . 2012-07-12 18:43 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-06-02 12:01 . 2012-07-12 18:43 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 12:00 . 2012-07-12 18:43 818688 ----a-w- c:\windows\system32\jscript.dll

2012-06-02 11:59 . 2012-07-12 18:43 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-06-02 11:57 . 2012-07-12 18:43 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-06-02 11:57 . 2012-07-12 18:43 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 11:54 . 2012-07-12 18:43 248320 ----a-w- c:\windows\system32\ieui.dll

2012-06-02 08:33 . 2012-07-12 18:43 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-06-02 08:25 . 2012-07-12 18:43 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-06-02 08:25 . 2012-07-12 18:43 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-06-02 08:20 . 2012-07-12 18:43 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-06-02 08:16 . 2012-07-12 18:43 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-06-02 05:38 . 2012-07-11 06:19 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:38 . 2012-07-11 06:19 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:37 . 2012-07-11 06:19 459216 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:27 . 2012-07-11 06:19 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:27 . 2012-07-11 06:19 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:48 . 2012-07-11 06:19 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:48 . 2012-07-11 06:19 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:47 . 2012-07-11 06:19 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:42 . 2012-07-11 06:19 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-15_12.30.35 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-02-22 12:46 . 2012-08-15 12:31 68868 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-15 12:31 33370 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-08-13 14:20 . 2012-08-15 12:31 21844 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1115853856-1195314668-1870524670-1001_UserData.bin

+ 2009-07-14 02:34 . 2012-08-15 12:45 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

- 2009-07-14 02:34 . 2012-08-15 09:19 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Windows Codecs]

@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"

[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]

2012-08-14 18:23 172032 ----a-w- c:\programdata\Windows Codecs\MediaShellOverlays.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [bU]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]

"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-02-24 1078352]

"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [bU]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [bU]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [bU]

"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [bU]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-15 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-13 283200]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-02-24 347216]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-06 868224]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]

S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]

S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]

S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2011-01-20 52264]

S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2011-01-14 85544]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 10:50]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-06 860040]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-12 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-12 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-12 418840]

.

------- Bijkomende Scan -------

.

uStart Page = https://isearch.avg.com/?cid={4BE7BB38-D645-4924-A59D-47C5813159D3}&mid=509f89a0fe3947d1abe4cd3c4e3aa480-93140327d5ee4fb7b069a0795f5363137aeda013&lang=en&ds=pp011&pr=sa&d=2012-07-24 12:27&v=12.1.0.21&sap=hp

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.16.4

FF - ProfilePath - c:\users\Bram J\AppData\Roaming\Mozilla\Firefox\Profiles\572zue3t.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid={4BE7BB38-D645-4924-A59D-47C5813159D3}&mid=509f89a0fe3947d1abe4cd3c4e3aa480-93140327d5ee4fb7b069a0795f5363137aeda013&lang=nl&ds=AVG&pr=fr&d=2012-08-15 14:07&v=12.2.0.5&sap=ku&q=

FF - prefs.js: network.proxy.type - 0

FF - user.js: extentions.y2layers.installId - 17575d9c-1283-4a30-8f02-b10cadb79915

FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube

FF - user.js: extensions.autoDisableScopes - 14

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

Toolbar-!{338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1115853856-1195314668-1870524670-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (S-1-5-21-1115853856-1195314668-1870524670-1001)

@Denied: (2) (LocalSystem)

"Progid"="Outlook.File.eml.14"

.

[HKEY_USERS\S-1-5-21-1115853856-1195314668-1870524670-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (S-1-5-21-1115853856-1195314668-1870524670-1001)

@Denied: (2) (LocalSystem)

"Progid"="Outlook.File.vcf.14"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-08-15 16:22:26

ComboFix-quarantined-files.txt 2012-08-15 14:22

ComboFix2.txt 2012-08-15 13:05

.

Pre-Run: 505.566.269.440 bytes beschikbaar

Post-Run: 505.499.561.984 bytes beschikbaar

.

- - End Of File - - 136BD1517E7DCDC1DCF1821DE36C4240

Posted:

TDSSKiller log

16:25:55.0898 1476 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

16:25:56.0148 1476 ============================================================

16:25:56.0148 1476 Current date / time: 2012/08/15 16:25:56.0148

16:25:56.0148 1476 SystemInfo:

16:25:56.0148 1476

16:25:56.0148 1476 OS Version: 6.1.7600 ServicePack: 0.0

16:25:56.0148 1476 Product type: Workstation

16:25:56.0148 1476 ComputerName: BRAMJ-PC

16:25:56.0148 1476 UserName: Bram J

16:25:56.0148 1476 Windows directory: C:\Windows

16:25:56.0148 1476 System windows directory: C:\Windows

16:25:56.0148 1476 Running under WOW64

16:25:56.0148 1476 Processor architecture: Intel x64

16:25:56.0148 1476 Number of processors: 4

16:25:56.0148 1476 Page size: 0x1000

16:25:56.0148 1476 Boot type: Normal boot

16:25:56.0148 1476 ============================================================

16:25:56.0601 1476 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:25:56.0611 1476 ============================================================

16:25:56.0611 1476 \Device\Harddisk0\DR0:

16:25:56.0611 1476 MBR partitions:

16:25:56.0611 1476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000

16:25:56.0611 1476 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A25000

16:25:56.0611 1476 ============================================================

16:25:56.0631 1476 C: <-> \Device\Harddisk0\DR0\Partition2

16:25:56.0631 1476 ============================================================

16:25:56.0631 1476 Initialize success

16:25:56.0631 1476 ============================================================

16:26:03.0707 2616 ============================================================

16:26:03.0707 2616 Scan started

16:26:03.0707 2616 Mode: Manual;

16:26:03.0707 2616 ============================================================

16:26:04.0003 2616 ================ Scan services =============================

16:26:04.0175 2616 [ 1b00662092f9f9568b995902f0cc40d5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys

16:26:04.0190 2616 1394ohci - ok

16:26:04.0222 2616 [ 6f11e88748cdefd2f76aa215f97ddfe5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys

16:26:04.0222 2616 ACPI - ok

16:26:04.0237 2616 [ 63b05a0420ce4bf0e4af6dcc7cada254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys

16:26:04.0237 2616 AcpiPmi - ok

16:26:04.0346 2616 [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:26:04.0346 2616 AdobeARMservice - ok

16:26:04.0554 2616 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:26:04.0564 2616 AdobeFlashPlayerUpdateSvc - ok

16:26:04.0604 2616 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

16:26:04.0614 2616 adp94xx - ok

16:26:04.0634 2616 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

16:26:04.0634 2616 adpahci - ok

16:26:04.0664 2616 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

16:26:04.0664 2616 adpu320 - ok

16:26:04.0684 2616 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

16:26:04.0694 2616 AeLookupSvc - ok

16:26:04.0754 2616 [ db9d6c6b2cd95a9ca414d045b627422e ] AFD C:\Windows\system32\drivers\afd.sys

16:26:04.0764 2616 AFD - ok

16:26:04.0804 2616 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys

16:26:04.0804 2616 agp440 - ok

16:26:04.0824 2616 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe

16:26:04.0824 2616 ALG - ok

16:26:04.0844 2616 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys

16:26:04.0844 2616 aliide - ok

16:26:04.0864 2616 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\DRIVERS\amdide.sys

16:26:04.0864 2616 amdide - ok

16:26:04.0884 2616 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

16:26:04.0884 2616 AmdK8 - ok

16:26:04.0894 2616 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

16:26:04.0894 2616 AmdPPM - ok

16:26:04.0924 2616 [ ec7ebab00a4d8448bab68d1e49b4beb9 ] amdsata C:\Windows\system32\drivers\amdsata.sys

16:26:04.0924 2616 amdsata - ok

16:26:04.0954 2616 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

16:26:04.0954 2616 amdsbs - ok

16:26:04.0974 2616 [ db27766102c7bf7e95140a2aa81d042e ] amdxata C:\Windows\system32\drivers\amdxata.sys

16:26:04.0974 2616 amdxata - ok

16:26:04.0974 2616 [ 42fd751b27fa0e9c69bb39f39e409594 ] AppID C:\Windows\system32\drivers\appid.sys

16:26:04.0984 2616 AppID - ok

16:26:05.0004 2616 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

16:26:05.0004 2616 AppIDSvc - ok

16:26:05.0024 2616 [ d065be66822847b7f127d1f90158376e ] Appinfo C:\Windows\System32\appinfo.dll

16:26:05.0024 2616 Appinfo - ok

16:26:05.0054 2616 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys

16:26:05.0054 2616 arc - ok

16:26:05.0054 2616 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

16:26:05.0054 2616 arcsas - ok

16:26:05.0074 2616 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

16:26:05.0074 2616 AsyncMac - ok

16:26:05.0094 2616 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\DRIVERS\atapi.sys

16:26:05.0094 2616 atapi - ok

16:26:05.0164 2616 [ c8679a07267f030704168e45e27c3d43 ] athr C:\Windows\system32\DRIVERS\athrx.sys

16:26:05.0174 2616 athr - ok

16:26:05.0214 2616 [ e1ffd1f7b043aef0acc9e7593043fd4c ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

16:26:05.0214 2616 AudioEndpointBuilder - ok

16:26:05.0234 2616 [ e1ffd1f7b043aef0acc9e7593043fd4c ] AudioSrv C:\Windows\System32\Audiosrv.dll

16:26:05.0234 2616 AudioSrv - ok

16:26:05.0284 2616 [ b20b5fa5ca050e9926e4d1db81501b32 ] AxInstSV C:\Windows\System32\AxInstSV.dll

16:26:05.0284 2616 AxInstSV - ok

16:26:05.0334 2616 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

16:26:05.0344 2616 b06bdrv - ok

16:26:05.0384 2616 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

16:26:05.0384 2616 b57nd60a - ok

16:26:05.0434 2616 [ a424cb46a145e5aabf15621550976df2 ] b57xdbd C:\Windows\system32\DRIVERS\b57xdbd.sys

16:26:05.0444 2616 b57xdbd - ok

16:26:05.0454 2616 [ be4e6fd5a898812b85d5817ad9754a9f ] b57xdmp C:\Windows\system32\DRIVERS\b57xdmp.sys

16:26:05.0454 2616 b57xdmp - ok

16:26:05.0474 2616 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll

16:26:05.0484 2616 BDESVC - ok

16:26:05.0494 2616 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

16:26:05.0494 2616 Beep - ok

16:26:05.0534 2616 [ 4992c609a6315671463e30f6512bc022 ] BFE C:\Windows\System32\bfe.dll

16:26:05.0534 2616 BFE - ok

16:26:05.0564 2616 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

16:26:05.0564 2616 blbdrive - ok

16:26:05.0594 2616 [ 19d20159708e152267e53b66677a4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

16:26:05.0604 2616 bowser - ok

16:26:05.0614 2616 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:26:05.0614 2616 BrFiltLo - ok

16:26:05.0614 2616 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:26:05.0624 2616 BrFiltUp - ok

16:26:05.0634 2616 [ 5c2f352a4e961d72518261257aae204b ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

16:26:05.0634 2616 BridgeMP - ok

16:26:05.0644 2616 [ 94fbc06f294d58d02361918418f996e3 ] Browser C:\Windows\System32\browser.dll

16:26:05.0644 2616 Browser - ok

16:26:05.0654 2616 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys

16:26:05.0654 2616 Brserid - ok

16:26:05.0654 2616 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

16:26:05.0654 2616 BrSerWdm - ok

16:26:05.0664 2616 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

16:26:05.0664 2616 BrUsbMdm - ok

16:26:05.0664 2616 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

16:26:05.0664 2616 BrUsbSer - ok

16:26:05.0694 2616 [ 520408cfdb56de8cdb44b2f11b9c5b5c ] bScsiMSa C:\Windows\system32\DRIVERS\bScsiMSa.sys

16:26:05.0694 2616 bScsiMSa - ok

16:26:05.0724 2616 [ 9f880f03f4a72215c8b77fd51322c297 ] bScsiSDa C:\Windows\system32\DRIVERS\bScsiSDa.sys

16:26:05.0724 2616 bScsiSDa - ok

16:26:05.0774 2616 [ cf98190a94f62e405c8cb255018b2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys

16:26:05.0774 2616 BthEnum - ok

16:26:05.0794 2616 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

16:26:05.0794 2616 BTHMODEM - ok

16:26:05.0834 2616 [ 02dd601b708dd0667e1331fa8518e9ff ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

16:26:05.0834 2616 BthPan - ok

16:26:05.0874 2616 [ 21084ceb85280468c9aca3c805c0f8cf ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys

16:26:05.0884 2616 BTHPORT - ok

16:26:05.0914 2616 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll

16:26:05.0914 2616 bthserv - ok

16:26:05.0934 2616 [ 8504842634dd144c075b6b0c982ccec4 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys

16:26:05.0934 2616 BTHUSB - ok

16:26:05.0964 2616 catchme - ok

16:26:05.0994 2616 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

16:26:05.0994 2616 cdfs - ok

16:26:06.0004 2616 [ 83d2d75e1efb81b3450c18131443f7db ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

16:26:06.0004 2616 cdrom - ok

16:26:06.0044 2616 [ 312e2f82af11e79906898ac3e3d58a1f ] CertPropSvc C:\Windows\System32\certprop.dll

16:26:06.0044 2616 CertPropSvc - ok

16:26:06.0064 2616 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys

16:26:06.0064 2616 circlass - ok

16:26:06.0084 2616 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys

16:26:06.0094 2616 CLFS - ok

16:26:06.0164 2616 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:26:06.0164 2616 clr_optimization_v2.0.50727_32 - ok

16:26:06.0194 2616 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:26:06.0194 2616 clr_optimization_v2.0.50727_64 - ok

16:26:06.0244 2616 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:26:06.0254 2616 clr_optimization_v4.0.30319_32 - ok

16:26:06.0304 2616 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:26:06.0304 2616 clr_optimization_v4.0.30319_64 - ok

16:26:06.0324 2616 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

16:26:06.0324 2616 CmBatt - ok

16:26:06.0334 2616 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys

16:26:06.0334 2616 cmdide - ok

16:26:06.0384 2616 [ ca7720b73446fddec5c69519c1174c98 ] CNG C:\Windows\system32\Drivers\cng.sys

16:26:06.0384 2616 CNG - ok

16:26:06.0414 2616 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

16:26:06.0414 2616 Compbatt - ok

16:26:06.0434 2616 [ f26b3a86f6fa87ca360b879581ab4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

16:26:06.0434 2616 CompositeBus - ok

16:26:06.0444 2616 COMSysApp - ok

16:26:06.0464 2616 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

16:26:06.0464 2616 crcdisk - ok

16:26:06.0494 2616 [ f02786b66375292e58c8777082d4396d ] CryptSvc C:\Windows\system32\cryptsvc.dll

16:26:06.0494 2616 CryptSvc - ok

16:26:06.0534 2616 [ 7266972e86890e2b30c0c322e906b027 ] DcomLaunch C:\Windows\system32\rpcss.dll

16:26:06.0534 2616 DcomLaunch - ok

16:26:06.0564 2616 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll

16:26:06.0564 2616 defragsvc - ok

16:26:06.0604 2616 [ 9c253ce7311ca60fc11c774692a13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

16:26:06.0604 2616 DfsC - ok

16:26:06.0634 2616 [ ce3b9562d997f69b330d181a8875960f ] Dhcp C:\Windows\system32\dhcpcore.dll

16:26:06.0634 2616 Dhcp - ok

16:26:06.0664 2616 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys

16:26:06.0664 2616 discache - ok

16:26:06.0694 2616 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys

16:26:06.0704 2616 Disk - ok

16:26:06.0724 2616 [ 85cf424c74a1d5ec33533e1dbff9920a ] Dnscache C:\Windows\System32\dnsrslvr.dll

16:26:06.0724 2616 Dnscache - ok

16:26:06.0754 2616 [ 14452acdb09b70964c8c21bf80a13acb ] dot3svc C:\Windows\System32\dot3svc.dll

16:26:06.0764 2616 dot3svc - ok

16:26:06.0784 2616 [ 8c2ba6bea949ee6e68385f5692bafb94 ] DPS C:\Windows\system32\dps.dll

16:26:06.0784 2616 DPS - ok

16:26:06.0804 2616 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

16:26:06.0804 2616 drmkaud - ok

16:26:06.0894 2616 [ 228938f848948a0b42bf521f6829a24f ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe

16:26:06.0904 2616 DsiWMIService - ok

16:26:06.0964 2616 [ 46571ed73ae84469dca53081d33cf3c8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys

16:26:06.0974 2616 dtsoftbus01 - ok

16:26:07.0024 2616 [ 1633b9abf52784a1331476397a48cbef ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

16:26:07.0044 2616 DXGKrnl - ok

16:26:07.0084 2616 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll

16:26:07.0084 2616 EapHost - ok

16:26:07.0194 2616 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

16:26:07.0224 2616 ebdrv - ok

16:26:07.0284 2616 [ 156f6159457d0aa7e59b62681b56eb90 ] EFS C:\Windows\System32\lsass.exe

16:26:07.0284 2616 EFS - ok

16:26:07.0364 2616 [ 47c071994c3f649f23d9cd075ac9304a ] ehRecvr C:\Windows\ehome\ehRecvr.exe

16:26:07.0364 2616 ehRecvr - ok

16:26:07.0374 2616 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe

16:26:07.0384 2616 ehSched - ok

16:26:07.0424 2616 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

16:26:07.0434 2616 elxstor - ok

16:26:07.0534 2616 [ 52be4d6c72802ceedcc9997ce8d2fd85 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

16:26:07.0544 2616 ePowerSvc - ok

16:26:07.0544 2616 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys

16:26:07.0544 2616 ErrDev - ok

16:26:07.0604 2616 [ 9d8739a2a2173c9d27c499a3fc6eda3f ] ETD C:\Windows\system32\DRIVERS\ETD.sys

16:26:07.0604 2616 ETD - ok

16:26:07.0624 2616 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll

16:26:07.0624 2616 EventSystem - ok

16:26:07.0639 2616 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys

16:26:07.0639 2616 exfat - ok

16:26:07.0655 2616 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys

16:26:07.0655 2616 fastfat - ok

16:26:07.0717 2616 [ d607b2f1bee3992aa6c2c92c0a2f0855 ] Fax C:\Windows\system32\fxssvc.exe

16:26:07.0733 2616 Fax - ok

16:26:07.0733 2616 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys

16:26:07.0733 2616 fdc - ok

16:26:07.0780 2616 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll

16:26:07.0780 2616 fdPHost - ok

16:26:07.0795 2616 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

16:26:07.0795 2616 FDResPub - ok

16:26:07.0811 2616 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

16:26:07.0811 2616 FileInfo - ok

16:26:07.0811 2616 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

16:26:07.0811 2616 Filetrace - ok

16:26:07.0858 2616 [ bb0667b0171b632b97ea759515476f07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

16:26:07.0858 2616 FLEXnet Licensing Service - ok

16:26:07.0858 2616 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

16:26:07.0873 2616 flpydisk - ok

16:26:07.0889 2616 [ f7866af72abbaf84b1fa5aa195378c59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

16:26:07.0889 2616 FltMgr - ok

16:26:07.0920 2616 [ cb5e4b9c319e3c6bb363eb7e58a4a051 ] FontCache C:\Windows\system32\FntCache.dll

16:26:07.0936 2616 FontCache - ok

16:26:07.0982 2616 [ 8d89e3131c27fdd6932189cb785e1b7a ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:26:07.0982 2616 FontCache3.0.0.0 - ok

16:26:07.0998 2616 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

16:26:07.0998 2616 FsDepends - ok

16:26:08.0029 2616 [ d3e3f93d67821a2db2b3d9fac2dc2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

16:26:08.0029 2616 Fs_Rec - ok

16:26:08.0060 2616 [ ae87ba80d0ec3b57126ed2cdc15b24ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

16:26:08.0060 2616 fvevol - ok

16:26:08.0092 2616 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

16:26:08.0092 2616 gagp30kx - ok

16:26:08.0123 2616 [ fe5ab4525bc2ec68b9119a6e5d40128b ] gpsvc C:\Windows\System32\gpsvc.dll

16:26:08.0123 2616 gpsvc - ok

16:26:08.0168 2616 [ 0191dee9b9eb7902af2cf4f67301095d ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

16:26:08.0168 2616 GREGService - ok

16:26:08.0178 2616 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

16:26:08.0188 2616 hcw85cir - ok

16:26:08.0218 2616 [ 6410f6f415b2a5a9037224c41da8bf12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

16:26:08.0228 2616 HdAudAddService - ok

16:26:08.0258 2616 [ 0a49913402747a0b67de940fb42cbdbb ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

16:26:08.0258 2616 HDAudBus - ok

16:26:08.0278 2616 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

16:26:08.0278 2616 HidBatt - ok

16:26:08.0288 2616 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

16:26:08.0288 2616 HidBth - ok

16:26:08.0298 2616 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

16:26:08.0298 2616 HidIr - ok

16:26:08.0328 2616 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\System32\hidserv.dll

16:26:08.0328 2616 hidserv - ok

16:26:08.0358 2616 [ b3bf6b5b50006def50b66306d99fcf6f ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

16:26:08.0358 2616 HidUsb - ok

16:26:08.0378 2616 [ efa58ede58dd74388ffd04cb32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll

16:26:08.0378 2616 hkmsvc - ok

16:26:08.0408 2616 [ 046b2673767ca626e2cfb7fdf735e9e8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

16:26:08.0408 2616 HomeGroupListener - ok

16:26:08.0458 2616 [ 06a7422224d9865a5613710a089987df ] HomeGroupProvider C:\Windows\system32\provsvc.dll

16:26:08.0458 2616 HomeGroupProvider - ok

16:26:08.0468 2616 [ 0886d440058f203eba0e1825e4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys

16:26:08.0468 2616 HpSAMD - ok

16:26:08.0508 2616 [ cee049cac4efa7f4e1e4ad014414a5d4 ] HTTP C:\Windows\system32\drivers\HTTP.sys

16:26:08.0518 2616 HTTP - ok

16:26:08.0528 2616 [ f17766a19145f111856378df337a5d79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

16:26:08.0528 2616 hwpolicy - ok

16:26:08.0548 2616 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

16:26:08.0548 2616 i8042prt - ok

16:26:08.0588 2616 [ f7ce9be72edac499b713eca6dae5d26f ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

16:26:08.0588 2616 iaStor - ok

16:26:08.0648 2616 [ b25f192ea1f84a316eb7c19efcccf33d ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

16:26:08.0648 2616 IAStorDataMgrSvc - ok

16:26:08.0678 2616 [ b75e45c564e944a2657167d197ab29da ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

16:26:08.0678 2616 iaStorV - ok

16:26:08.0728 2616 [ 2f2be70d3e02b6fa877921ab9516d43c ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:26:08.0748 2616 idsvc - ok

16:26:09.0028 2616 [ 795c99dc4f574c97c03d0bb39cf099ee ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

16:26:09.0098 2616 igfx - ok

16:26:09.0108 2616 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

16:26:09.0118 2616 iirsp - ok

16:26:09.0148 2616 [ c5b4683680df085b57bc53e5ef34861f ] IKEEXT C:\Windows\System32\ikeext.dll

16:26:09.0148 2616 IKEEXT - ok

16:26:09.0258 2616 [ dd1fc331286a33f396945115ae4e5e8a ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

16:26:09.0288 2616 IntcAzAudAddService - ok

16:26:09.0338 2616 [ fc727061c0f47c8059e88e05d5c8e381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

16:26:09.0338 2616 IntcDAud - ok

16:26:09.0348 2616 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\DRIVERS\intelide.sys

16:26:09.0348 2616 intelide - ok

16:26:09.0378 2616 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

16:26:09.0378 2616 intelppm - ok

16:26:09.0398 2616 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll

16:26:09.0398 2616 IPBusEnum - ok

16:26:09.0408 2616 [ 722dd294df62483cecaae6e094b4d695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:26:09.0418 2616 IpFilterDriver - ok

16:26:09.0458 2616 [ f8e058d17363ec580e4b7232778b6cb5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

16:26:09.0468 2616 iphlpsvc - ok

16:26:09.0498 2616 [ e2b4a4494db7cb9b89b55ca268c337c5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys

16:26:09.0498 2616 IPMIDRV - ok

16:26:09.0518 2616 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

16:26:09.0528 2616 IPNAT - ok

16:26:09.0548 2616 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

16:26:09.0548 2616 IRENUM - ok

16:26:09.0548 2616 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys

16:26:09.0548 2616 isapnp - ok

16:26:09.0588 2616 [ fa4d2557de56d45b0a346f93564be6e1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

16:26:09.0598 2616 iScsiPrt - ok

16:26:09.0628 2616 [ 0469bff65bbdee9e46d0c45ee32a08bd ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys

16:26:09.0638 2616 k57nd60a - ok

16:26:09.0668 2616 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

16:26:09.0668 2616 kbdclass - ok

16:26:09.0678 2616 [ 6def98f8541e1b5dceb2c822a11f7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

16:26:09.0678 2616 kbdhid - ok

16:26:09.0688 2616 [ 156f6159457d0aa7e59b62681b56eb90 ] KeyIso C:\Windows\system32\lsass.exe

16:26:09.0698 2616 KeyIso - ok

16:26:09.0738 2616 [ 4f4b5fde429416877de7143044582eb5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

16:26:09.0738 2616 KSecDD - ok

16:26:09.0748 2616 [ 6f40465a44ecdc1731befafec5bdd03c ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

16:26:09.0758 2616 KSecPkg - ok

16:26:09.0778 2616 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

16:26:09.0778 2616 ksthunk - ok

16:26:09.0828 2616 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll

16:26:09.0838 2616 KtmRm - ok

16:26:09.0868 2616 [ 81f1d04d4d0e433099365127375fd501 ] LanmanServer C:\Windows\System32\srvsvc.dll

16:26:09.0878 2616 LanmanServer - ok

16:26:09.0898 2616 [ 27026eac8818e8a6c00a1cad2f11d29a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

16:26:09.0898 2616 LanmanWorkstation - ok

16:26:09.0928 2616 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

16:26:09.0928 2616 lltdio - ok

16:26:09.0948 2616 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll

16:26:09.0958 2616 lltdsvc - ok

16:26:09.0978 2616 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll

16:26:09.0978 2616 lmhosts - ok

16:26:10.0028 2616 [ 50c7ce53ef461870410355f1f2e7d515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

16:26:10.0028 2616 LMS - ok

16:26:10.0058 2616 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

16:26:10.0068 2616 LSI_FC - ok

16:26:10.0068 2616 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

16:26:10.0078 2616 LSI_SAS - ok

16:26:10.0078 2616 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:26:10.0078 2616 LSI_SAS2 - ok

16:26:10.0088 2616 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:26:10.0088 2616 LSI_SCSI - ok

16:26:10.0108 2616 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys

16:26:10.0108 2616 luafv - ok

16:26:10.0138 2616 [ f84c8f1000bc11e3b7b23cbd3baff111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

16:26:10.0138 2616 Mcx2Svc - ok

16:26:10.0148 2616 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

16:26:10.0148 2616 megasas - ok

16:26:10.0158 2616 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

16:26:10.0158 2616 MegaSR - ok

16:26:10.0178 2616 [ a6518dcc42f7a6e999bb3bea8fd87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

16:26:10.0178 2616 MEIx64 - ok

16:26:10.0268 2616 Microsoft SharePoint Workspace Audit Service - ok

16:26:10.0288 2616 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll

16:26:10.0288 2616 MMCSS - ok

16:26:10.0298 2616 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys

16:26:10.0298 2616 Modem - ok

16:26:10.0308 2616 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys

16:26:10.0308 2616 monitor - ok

16:26:10.0328 2616 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

16:26:10.0328 2616 mouclass - ok

16:26:10.0338 2616 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

16:26:10.0338 2616 mouhid - ok

16:26:10.0358 2616 [ 791af66c4d0e7c90a3646066386fb571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

16:26:10.0358 2616 mountmgr - ok

16:26:10.0378 2616 [ 609d1d87649ecc19796f4d76d4c15cea ] mpio C:\Windows\system32\DRIVERS\mpio.sys

16:26:10.0378 2616 mpio - ok

16:26:10.0398 2616 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

16:26:10.0398 2616 mpsdrv - ok

16:26:10.0448 2616 [ aecab449567d1846dad63ece49e893e3 ] MpsSvc C:\Windows\system32\mpssvc.dll

16:26:10.0468 2616 MpsSvc - ok

16:26:10.0468 2616 [ 30524261bb51d96d6fcbac20c810183c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

16:26:10.0478 2616 MRxDAV - ok

16:26:10.0498 2616 [ 040d62a9d8ad28922632137acdd984f2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

16:26:10.0498 2616 mrxsmb - ok

16:26:10.0518 2616 [ f0067552f8f9b33d7c59403ab808a3cb ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:26:10.0528 2616 mrxsmb10 - ok

16:26:10.0548 2616 [ 3c142d31de9f2f193218a53fe2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:26:10.0548 2616 mrxsmb20 - ok

16:26:10.0568 2616 [ 5c37497276e3b3a5488b23a326a754b7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys

16:26:10.0568 2616 msahci - ok

16:26:10.0578 2616 [ 8d27b597229aed79430fb9db3bcbfbd0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys

16:26:10.0578 2616 msdsm - ok

16:26:10.0598 2616 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe

16:26:10.0598 2616 MSDTC - ok

16:26:10.0608 2616 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

16:26:10.0608 2616 Msfs - ok

16:26:10.0628 2616 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

16:26:10.0628 2616 mshidkmdf - ok

16:26:10.0638 2616 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys

16:26:10.0638 2616 msisadrv - ok

16:26:10.0658 2616 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

16:26:10.0668 2616 MSiSCSI - ok

16:26:10.0668 2616 msiserver - ok

16:26:10.0688 2616 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

16:26:10.0688 2616 MSKSSRV - ok

16:26:10.0698 2616 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

16:26:10.0708 2616 MSPCLOCK - ok

16:26:10.0718 2616 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

16:26:10.0718 2616 MSPQM - ok

16:26:10.0738 2616 [ 89cb141aa8616d8c6a4610fa26c60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

16:26:10.0748 2616 MsRPC - ok

16:26:10.0768 2616 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

16:26:10.0768 2616 mssmbios - ok

16:26:10.0788 2616 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

16:26:10.0788 2616 MSTEE - ok

16:26:10.0798 2616 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

16:26:10.0798 2616 MTConfig - ok

16:26:10.0818 2616 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys

16:26:10.0818 2616 Mup - ok

16:26:10.0868 2616 [ 4987e079a4530fa737a128be54b63b12 ] napagent C:\Windows\system32\qagentRT.dll

16:26:10.0878 2616 napagent - ok

16:26:10.0908 2616 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

16:26:10.0908 2616 NativeWifiP - ok

16:26:10.0955 2616 [ a3151b3463eea7e47f618f115d0d142e ] NDIS C:\Windows\system32\drivers\ndis.sys

16:26:10.0971 2616 NDIS - ok

16:26:10.0986 2616 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

16:26:10.0986 2616 NdisCap - ok

16:26:11.0002 2616 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

16:26:11.0002 2616 NdisTapi - ok

16:26:11.0018 2616 [ f105ba1e22bf1f2ee8f005d4305e4bec ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

16:26:11.0018 2616 Ndisuio - ok

16:26:11.0033 2616 [ 557dfab9ca1fcb036ac77564c010dad3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

16:26:11.0033 2616 NdisWan - ok

16:26:11.0049 2616 [ 659b74fb74b86228d6338d643cd3e3cf ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

16:26:11.0049 2616 NDProxy - ok

16:26:11.0064 2616 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

16:26:11.0064 2616 NetBIOS - ok

16:26:11.0080 2616 [ 9162b273a44ab9dce5b44362731d062a ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

16:26:11.0080 2616 NetBT - ok

16:26:11.0096 2616 [ 156f6159457d0aa7e59b62681b56eb90 ] Netlogon C:\Windows\system32\lsass.exe

16:26:11.0096 2616 Netlogon - ok

16:26:11.0127 2616 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll

16:26:11.0127 2616 Netman - ok

16:26:11.0142 2616 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll

16:26:11.0142 2616 netprofm - ok

16:26:11.0189 2616 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:26:11.0189 2616 NetTcpPortSharing - ok

16:26:11.0205 2616 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

16:26:11.0205 2616 nfrd960 - ok

16:26:11.0252 2616 [ d9a0ce66046d6efa0c61baa885cba0a8 ] NlaSvc C:\Windows\System32\nlasvc.dll

16:26:11.0252 2616 NlaSvc - ok

16:26:11.0267 2616 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

16:26:11.0267 2616 Npfs - ok

16:26:11.0283 2616 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll

16:26:11.0283 2616 nsi - ok

16:26:11.0283 2616 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

16:26:11.0283 2616 nsiproxy - ok

16:26:11.0361 2616 [ 378e0e0dfea67d98ae6ea53adbbd76bc ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

16:26:11.0376 2616 Ntfs - ok

16:26:11.0439 2616 [ 8f59a2506af43f96f5397b3c79938ae9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

16:26:11.0454 2616 NTI IScheduleSvc - ok

16:26:11.0486 2616 [ ee3ba1024594d5d09e314f206b94069e ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys

16:26:11.0486 2616 NTIDrvr - ok

16:26:11.0486 2616 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys

16:26:11.0486 2616 Null - ok

16:26:11.0532 2616 [ 786db821bfd57c0551dbbe4f75384a7d ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

16:26:11.0532 2616 nusb3hub - ok

16:26:11.0579 2616 [ daa8005caf745042bb427a1ed7433354 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

16:26:11.0579 2616 nusb3xhc - ok

16:26:11.0626 2616 [ a4d9c9a608a97f59307c2f2600edc6a4 ] nvraid C:\Windows\system32\drivers\nvraid.sys

16:26:11.0626 2616 nvraid - ok

16:26:11.0642 2616 [ 6c1d5f70e7a6a3fd1c90d840edc048b9 ] nvstor C:\Windows\system32\drivers\nvstor.sys

16:26:11.0642 2616 nvstor - ok

16:26:11.0657 2616 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys

16:26:11.0657 2616 nv_agp - ok

16:26:11.0673 2616 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

16:26:11.0688 2616 ohci1394 - ok

16:26:11.0766 2616 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:26:11.0766 2616 ose - ok

16:26:11.0985 2616 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:26:12.0016 2616 osppsvc - ok

16:26:12.0032 2616 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

16:26:12.0047 2616 p2pimsvc - ok

16:26:12.0063 2616 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll

16:26:12.0063 2616 p2psvc - ok

16:26:12.0063 2616 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

16:26:12.0063 2616 Parport - ok

16:26:12.0094 2616 [ 90061b1acfe8ccaa5345750ffe08d8b8 ] partmgr C:\Windows\system32\drivers\partmgr.sys

16:26:12.0094 2616 partmgr - ok

16:26:12.0094 2616 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

16:26:12.0094 2616 PcaSvc - ok

16:26:12.0110 2616 [ f36f6504009f2fb0dfd1b17a116ad74b ] pci C:\Windows\system32\DRIVERS\pci.sys

16:26:12.0110 2616 pci - ok

16:26:12.0125 2616 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\DRIVERS\pciide.sys

16:26:12.0141 2616 pciide - ok

16:26:12.0141 2616 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

16:26:12.0156 2616 pcmcia - ok

16:26:12.0172 2616 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys

16:26:12.0172 2616 pcw - ok

16:26:12.0203 2616 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys

16:26:12.0203 2616 PEAUTH - ok

16:26:12.0297 2616 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe

16:26:12.0312 2616 PerfHost - ok

16:26:12.0359 2616 [ 557e9a86f65f0de18c9b6751dfe9d3f1 ] pla C:\Windows\system32\pla.dll

16:26:12.0375 2616 pla - ok

16:26:12.0406 2616 [ 98b1721b8718164293b9701b98c52d77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

16:26:12.0422 2616 PlugPlay - ok

16:26:12.0437 2616 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

16:26:12.0437 2616 PNRPAutoReg - ok

16:26:12.0453 2616 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

16:26:12.0453 2616 PNRPsvc - ok

16:26:12.0484 2616 [ 166eb40d1f5b47e615de3d0fffe5f243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

16:26:12.0484 2616 PolicyAgent - ok

16:26:12.0531 2616 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll

16:26:12.0546 2616 Power - ok

16:26:12.0562 2616 [ 27cc19e81ba5e3403c48302127bda717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

16:26:12.0562 2616 PptpMiniport - ok

16:26:12.0578 2616 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys

16:26:12.0578 2616 Processor - ok

16:26:12.0609 2616 [ 97293447431311c06703368ad0f6c4be ] ProfSvc C:\Windows\system32\profsvc.dll

16:26:12.0624 2616 ProfSvc - ok

16:26:12.0624 2616 [ 156f6159457d0aa7e59b62681b56eb90 ] ProtectedStorage C:\Windows\system32\lsass.exe

16:26:12.0624 2616 ProtectedStorage - ok

16:26:12.0656 2616 [ ee992183bd8eaefd9973f352e587a299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

16:26:12.0656 2616 Psched - ok

16:26:12.0702 2616 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

16:26:12.0718 2616 ql2300 - ok

16:26:12.0749 2616 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

16:26:12.0749 2616 ql40xx - ok

16:26:12.0780 2616 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll

16:26:12.0780 2616 QWAVE - ok

16:26:12.0796 2616 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

16:26:12.0796 2616 QWAVEdrv - ok

16:26:12.0812 2616 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

16:26:12.0812 2616 RasAcd - ok

16:26:12.0827 2616 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

16:26:12.0827 2616 RasAgileVpn - ok

16:26:12.0843 2616 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll

16:26:12.0843 2616 RasAuto - ok

16:26:12.0858 2616 [ 87a6e852a22991580d6d39adc4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

16:26:12.0858 2616 Rasl2tp - ok

16:26:12.0890 2616 [ 47394ed3d16d053f5906efe5ab51cc83 ] RasMan C:\Windows\System32\rasmans.dll

16:26:12.0890 2616 RasMan - ok

16:26:12.0905 2616 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

16:26:12.0905 2616 RasPppoe - ok

16:26:12.0921 2616 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

16:26:12.0921 2616 RasSstp - ok

16:26:12.0936 2616 [ 3bac8142102c15d59a87757c1d41dce5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

16:26:12.0936 2616 rdbss - ok

16:26:12.0968 2616 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

16:26:12.0968 2616 rdpbus - ok

16:26:12.0968 2616 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

16:26:12.0983 2616 RDPCDD - ok

16:26:12.0999 2616 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

16:26:12.0999 2616 RDPENCDD - ok

16:26:13.0014 2616 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

16:26:13.0014 2616 RDPREFMP - ok

16:26:13.0061 2616 [ 447de7e3dea39d422c1504f245b668b1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

16:26:13.0061 2616 RDPWD - ok

16:26:13.0077 2616 [ e5dc9ba9e439d6dbdd79f8caacb5bf01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

16:26:13.0077 2616 rdyboost - ok

16:26:13.0139 2616 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll

16:26:13.0139 2616 RemoteAccess - ok

16:26:13.0155 2616 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

16:26:13.0155 2616 RemoteRegistry - ok

16:26:13.0217 2616 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

16:26:13.0217 2616 RFCOMM - ok

16:26:13.0233 2616 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

16:26:13.0233 2616 RpcEptMapper - ok

16:26:13.0264 2616 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe

16:26:13.0264 2616 RpcLocator - ok

16:26:13.0295 2616 [ 7266972e86890e2b30c0c322e906b027 ] RpcSs C:\Windows\system32\rpcss.dll

16:26:13.0311 2616 RpcSs - ok

16:26:13.0358 2616 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

16:26:13.0358 2616 rspndr - ok

16:26:13.0373 2616 [ 156f6159457d0aa7e59b62681b56eb90 ] SamSs C:\Windows\system32\lsass.exe

16:26:13.0373 2616 SamSs - ok

16:26:13.0389 2616 [ e3bbb89983daf5622c1d50cf49f28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys

16:26:13.0389 2616 sbp2port - ok

16:26:13.0420 2616 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll

16:26:13.0420 2616 SCardSvr - ok

16:26:13.0451 2616 [ c94da20c7e3ba1dca269bc8460d98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

16:26:13.0451 2616 scfilter - ok

16:26:13.0498 2616 [ 624d0f5ff99428bb90a5b8a4123e918e ] Schedule C:\Windows\system32\schedsvc.dll

16:26:13.0514 2616 Schedule - ok

16:26:13.0545 2616 [ 312e2f82af11e79906898ac3e3d58a1f ] SCPolicySvc C:\Windows\System32\certprop.dll

16:26:13.0545 2616 SCPolicySvc - ok

16:26:13.0560 2616 [ 2c8d162efaf73abd36d8bcbb6340cae7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

16:26:13.0560 2616 sdbus - ok

16:26:13.0576 2616 [ 765a27c3279ce11d14cb9e4f5869fca5 ] SDRSVC C:\Windows\System32\SDRSVC.dll

16:26:13.0576 2616 SDRSVC - ok

16:26:13.0592 2616 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

16:26:13.0592 2616 secdrv - ok

16:26:13.0607 2616 [ 463b386ebc70f98da5dff85f7e654346 ] seclogon C:\Windows\system32\seclogon.dll

16:26:13.0607 2616 seclogon - ok

16:26:13.0623 2616 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll

16:26:13.0623 2616 SENS - ok

16:26:13.0638 2616 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

16:26:13.0638 2616 SensrSvc - ok

16:26:13.0638 2616 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

16:26:13.0654 2616 Serenum - ok

16:26:13.0654 2616 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

16:26:13.0654 2616 Serial - ok

16:26:13.0670 2616 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

16:26:13.0670 2616 sermouse - ok

16:26:13.0685 2616 [ c3bc61ce47ff6f4e88ab8a3b429a36af ] SessionEnv C:\Windows\system32\sessenv.dll

16:26:13.0685 2616 SessionEnv - ok

16:26:13.0685 2616 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

16:26:13.0685 2616 sffdisk - ok

16:26:13.0685 2616 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys

16:26:13.0685 2616 sffp_mmc - ok

16:26:13.0701 2616 [ 178298f767fe638c9fedcbdef58bb5e4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

16:26:13.0701 2616 sffp_sd - ok

16:26:13.0701 2616 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

16:26:13.0701 2616 sfloppy - ok

16:26:13.0758 2616 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll

16:26:13.0768 2616 SharedAccess - ok

16:26:13.0778 2616 [ 0298ac45d0efffb2db4baa7dd186e7bf ] ShellHWDetection C:\Windows\System32\shsvcs.dll

16:26:13.0788 2616 ShellHWDetection - ok

16:26:13.0798 2616 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:26:13.0798 2616 SiSRaid2 - ok

16:26:13.0798 2616 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

16:26:13.0808 2616 SiSRaid4 - ok

16:26:13.0818 2616 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

16:26:13.0818 2616 Smb - ok

16:26:13.0838 2616 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe

16:26:13.0838 2616 SNMPTRAP - ok

16:26:13.0848 2616 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys

16:26:13.0848 2616 spldr - ok

16:26:13.0878 2616 [ f8e1fa03cb70d54a9892ac88b91d1e7b ] Spooler C:\Windows\System32\spoolsv.exe

16:26:13.0878 2616 Spooler - ok

16:26:13.0948 2616 [ 913d843498553a1bc8f8dbad6358e49f ] sppsvc C:\Windows\system32\sppsvc.exe

16:26:13.0968 2616 sppsvc - ok

16:26:13.0988 2616 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

16:26:13.0988 2616 sppuinotify - ok

16:26:14.0078 2616 [ a15860e920b02c9a7ce8f3a6c2ff1e3a ] sptd C:\Windows\System32\Drivers\sptd.sys

16:26:14.0088 2616 sptd - ok

16:26:14.0128 2616 [ 2408c0366d96bcdf63e8f1c78e4a29c5 ] srv C:\Windows\system32\DRIVERS\srv.sys

16:26:14.0128 2616 srv - ok

16:26:14.0158 2616 [ 76548f7b818881b47d8d1ae1be9c11f8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

16:26:14.0158 2616 srv2 - ok

16:26:14.0178 2616 [ 0af6e19d39c70844c5caa8fb0183c36e ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

16:26:14.0188 2616 srvnet - ok

16:26:14.0188 2616 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

16:26:14.0198 2616 SSDPSRV - ok

16:26:14.0208 2616 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll

16:26:14.0208 2616 SstpSvc - ok

16:26:14.0228 2616 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

16:26:14.0228 2616 stexstor - ok

16:26:14.0268 2616 [ 52d0e33b681bd0f33fdc08812fee4f7d ] stisvc C:\Windows\System32\wiaservc.dll

16:26:14.0278 2616 stisvc - ok

16:26:14.0278 2616 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

16:26:14.0278 2616 swenum - ok

16:26:14.0298 2616 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll

16:26:14.0298 2616 swprv - ok

16:26:14.0348 2616 [ 3c1284516a62078fb68f768de4f1a7be ] SysMain C:\Windows\system32\sysmain.dll

16:26:14.0358 2616 SysMain - ok

16:26:14.0408 2616 [ 238935c3cf2854886dc7cbb2a0e2cc66 ] TabletInputService C:\Windows\System32\TabSvc.dll

16:26:14.0408 2616 TabletInputService - ok

16:26:14.0418 2616 [ 884264ac597b690c5707c89723bb8e7b ] TapiSrv C:\Windows\System32\tapisrv.dll

16:26:14.0418 2616 TapiSrv - ok

16:26:14.0428 2616 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll

16:26:14.0438 2616 TBS - ok

16:26:14.0508 2616 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

16:26:14.0518 2616 Tcpip - ok

16:26:14.0638 2616 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

16:26:14.0658 2616 TCPIP6 - ok

16:26:14.0718 2616 [ 76d078af6f587b162d50210f761eb9ed ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

16:26:14.0728 2616 tcpipreg - ok

16:26:14.0748 2616 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

16:26:14.0748 2616 TDPIPE - ok

16:26:14.0768 2616 [ 7518f7bcfd4b308abc9192bacaf6c970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

16:26:14.0768 2616 TDTCP - ok

16:26:14.0798 2616 [ 079125c4b17b01fcaeebce0bcb290c0f ] tdx C:\Windows\system32\DRIVERS\tdx.sys

16:26:14.0798 2616 tdx - ok

16:26:14.0818 2616 [ c448651339196c0e869a355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

16:26:14.0818 2616 TermDD - ok

16:26:14.0848 2616 [ 0f05ec2887bfe197ad82a13287d2f404 ] TermService C:\Windows\System32\termsrv.dll

16:26:14.0858 2616 TermService - ok

16:26:14.0878 2616 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll

16:26:14.0878 2616 Themes - ok

16:26:14.0888 2616 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll

16:26:14.0888 2616 THREADORDER - ok

16:26:14.0908 2616 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll

16:26:14.0908 2616 TrkWks - ok

16:26:14.0968 2616 [ 840f7fb849f5887a49ba18c13b2da920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

16:26:14.0968 2616 TrustedInstaller - ok

16:26:14.0978 2616 [ 61b96c26131e37b24e93327a0bd1fb95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

16:26:14.0978 2616 tssecsrv - ok

16:26:15.0028 2616 [ 3836171a2cdf3af8ef10856db9835a70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

16:26:15.0028 2616 tunnel - ok

16:26:15.0088 2616 [ 48743b69ea47c020a792d8649f753f44 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys

16:26:15.0088 2616 TurboB - ok

16:26:15.0118 2616 [ 759f59e3ea3802ff23f93dcdb6fe9171 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe

16:26:15.0118 2616 TurboBoost - ok

16:26:15.0138 2616 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

16:26:15.0138 2616 uagp35 - ok

16:26:15.0158 2616 [ a17d5e1a6df4eab0a480f2c490de4c9d ] UBHelper C:\Windows\system32\drivers\UBHelper.sys

16:26:15.0158 2616 UBHelper - ok

16:26:15.0178 2616 [ d47baead86c65d4f4069d7ce0a4edceb ] udfs C:\Windows\system32\DRIVERS\udfs.sys

16:26:15.0188 2616 udfs - ok

16:26:15.0208 2616 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

16:26:15.0208 2616 UI0Detect - ok

16:26:15.0228 2616 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys

16:26:15.0228 2616 uliagpkx - ok

16:26:15.0248 2616 [ eab6c35e62b1b0db0d1b48b671d3a117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

16:26:15.0248 2616 umbus - ok

16:26:15.0268 2616 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

16:26:15.0268 2616 UmPass - ok

16:26:15.0378 2616 [ 374ebda379a8f38e0cfc2211611e7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

16:26:15.0408 2616 UNS - ok

16:26:15.0448 2616 [ f9ec9acd504d823d9b9ca98a4f8d3ca2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe

16:26:15.0448 2616 Updater Service - ok

16:26:15.0468 2616 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll

16:26:15.0478 2616 upnphost - ok

16:26:15.0498 2616 [ 537a4e03d7103c12d42dfd8ffdb5bdc9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

16:26:15.0498 2616 usbccgp - ok

16:26:15.0518 2616 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys

16:26:15.0518 2616 usbcir - ok

16:26:15.0538 2616 [ fbb21ebe49f6d560db37ac25fbc68e66 ] usbehci C:\Windows\system32\drivers\usbehci.sys

16:26:15.0538 2616 usbehci - ok

16:26:15.0558 2616 [ 6b7a8a99c4a459e73c286a6763ea24cc ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

16:26:15.0558 2616 usbhub - ok

16:26:15.0578 2616 [ 8c88aa7617b4cbc2e4bed61d26b33a27 ] usbohci C:\Windows\system32\drivers\usbohci.sys

16:26:15.0578 2616 usbohci - ok

16:26:15.0588 2616 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

16:26:15.0598 2616 usbprint - ok

16:26:15.0628 2616 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

16:26:15.0628 2616 usbscan - ok

16:26:15.0658 2616 [ f39983647bc1f3e6100778ddfe9dce29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:26:15.0658 2616 USBSTOR - ok

16:26:15.0668 2616 [ 0b5b3b2df3fd1709618acfa50b8392b0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

16:26:15.0668 2616 usbuhci - ok

16:26:15.0708 2616 [ 7cb8c573c6e4a2714402cc0a36eab4fe ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

16:26:15.0708 2616 usbvideo - ok

16:26:15.0758 2616 [ 70d05ee263568a742d14e1876df80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys

16:26:15.0758 2616 usb_rndisx - ok

16:26:15.0778 2616 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll

16:26:15.0778 2616 UxSms - ok

16:26:15.0793 2616 [ 156f6159457d0aa7e59b62681b56eb90 ] VaultSvc C:\Windows\system32\lsass.exe

16:26:15.0793 2616 VaultSvc - ok

16:26:15.0809 2616 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys

16:26:15.0809 2616 vdrvroot - ok

16:26:15.0840 2616 [ 44d73e0bbc1d3c8981304ba15135c2f2 ] vds C:\Windows\System32\vds.exe

16:26:15.0840 2616 vds - ok

16:26:15.0856 2616 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

16:26:15.0856 2616 vga - ok

16:26:15.0871 2616 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys

16:26:15.0871 2616 VgaSave - ok

16:26:15.0887 2616 [ c82e748660f62a242b2dfac1442f22a4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys

16:26:15.0887 2616 vhdmp - ok

16:26:15.0902 2616 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys

16:26:15.0902 2616 viaide - ok

16:26:15.0918 2616 [ 2b1a3dae2b4e70dbba822b7a03fbd4a3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys

16:26:15.0918 2616 volmgr - ok

16:26:15.0934 2616 [ 99b0cbb569ca79acaed8c91461d765fb ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

16:26:15.0934 2616 volmgrx - ok

16:26:15.0949 2616 [ 58f82eed8ca24b461441f9c3e4f0bf5c ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys

16:26:15.0949 2616 volsnap - ok

16:26:15.0965 2616 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

16:26:15.0980 2616 vsmraid - ok

16:26:16.0027 2616 [ 787898bf9fb6d7bd87a36e2d95c899ba ] VSS C:\Windows\system32\vssvc.exe

16:26:16.0027 2616 VSS - ok

16:26:16.0058 2616 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

16:26:16.0058 2616 vwifibus - ok

16:26:16.0074 2616 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

16:26:16.0074 2616 vwififlt - ok

16:26:16.0090 2616 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll

16:26:16.0090 2616 W32Time - ok

16:26:16.0090 2616 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

16:26:16.0090 2616 WacomPen - ok

16:26:16.0121 2616 [ 47ca49400643effd3f1c9a27e1d69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

16:26:16.0121 2616 WANARP - ok

16:26:16.0121 2616 [ 47ca49400643effd3f1c9a27e1d69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

16:26:16.0121 2616 Wanarpv6 - ok

16:26:16.0168 2616 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

16:26:16.0183 2616 WatAdminSvc - ok

16:26:16.0214 2616 [ 5ab1bb85bd8b5089cc5d64200dedae68 ] wbengine C:\Windows\system32\wbengine.exe

16:26:16.0230 2616 wbengine - ok

16:26:16.0246 2616 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

16:26:16.0246 2616 WbioSrvc - ok

16:26:16.0277 2616 [ dd1bae8ebfc653824d29ccf8c9054d68 ] wcncsvc C:\Windows\System32\wcncsvc.dll

16:26:16.0292 2616 wcncsvc - ok

16:26:16.0308 2616 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

16:26:16.0308 2616 WcsPlugInService - ok

16:26:16.0324 2616 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys

16:26:16.0324 2616 Wd - ok

16:26:16.0355 2616 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

16:26:16.0355 2616 Wdf01000 - ok

16:26:16.0370 2616 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll

16:26:16.0370 2616 WdiServiceHost - ok

16:26:16.0370 2616 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll

16:26:16.0386 2616 WdiSystemHost - ok

16:26:16.0417 2616 [ 733006127f235be7c35354ebee7b9a7b ] WebClient C:\Windows\System32\webclnt.dll

16:26:16.0417 2616 WebClient - ok

16:26:16.0448 2616 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll

16:26:16.0464 2616 Wecsvc - ok

16:26:16.0464 2616 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

16:26:16.0480 2616 wercplsupport - ok

16:26:16.0495 2616 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll

16:26:16.0495 2616 WerSvc - ok

16:26:16.0511 2616 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

16:26:16.0511 2616 WfpLwf - ok

16:26:16.0542 2616 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys

16:26:16.0542 2616 WIMMount - ok

16:26:16.0573 2616 WinDefend - ok

16:26:16.0589 2616 WinHttpAutoProxySvc - ok

16:26:16.0636 2616 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

16:26:16.0636 2616 Winmgmt - ok

16:26:16.0729 2616 [ 41fbb751936b387f9179e7f03a74fe29 ] WinRM C:\Windows\system32\WsmSvc.dll

16:26:16.0745 2616 WinRM - ok

16:26:16.0792 2616 [ 817eaff5d38674edd7713b9dfb8e9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

16:26:16.0792 2616 WinUsb - ok

16:26:16.0838 2616 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll

16:26:16.0854 2616 Wlansvc - ok

16:26:16.0901 2616 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

16:26:16.0901 2616 wlcrasvc - ok

16:26:16.0994 2616 [ 7e47c328fc4768cb8beafbcfafa70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

16:26:17.0026 2616 wlidsvc - ok

16:26:17.0041 2616 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

16:26:17.0041 2616 WmiAcpi - ok

16:26:17.0057 2616 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

16:26:17.0067 2616 wmiApSrv - ok

16:26:17.0087 2616 WMPNetworkSvc - ok

16:26:17.0097 2616 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll

16:26:17.0097 2616 WPCSvc - ok

16:26:17.0117 2616 [ 2e57ddf2880a7e52e76f41c7e96d327b ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

16:26:17.0127 2616 WPDBusEnum - ok

16:26:17.0127 2616 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

16:26:17.0127 2616 ws2ifsl - ok

16:26:17.0157 2616 [ 8f9f3969933c02da96eb0f84576db43e ] wscsvc C:\Windows\system32\wscsvc.dll

16:26:17.0157 2616 wscsvc - ok

16:26:17.0167 2616 WSearch - ok

16:26:17.0267 2616 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll

16:26:17.0287 2616 wuauserv - ok

16:26:17.0307 2616 [ 7cadc74271dd6461c452c271b30bd378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

16:26:17.0307 2616 WudfPf - ok

16:26:17.0357 2616 [ 3b197af0fff08aa66b6b2241ca538d64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

16:26:17.0357 2616 WUDFRd - ok

16:26:17.0377 2616 [ b551d6637aa0e132c18ac6e504f7b79b ] wudfsvc C:\Windows\System32\WUDFSvc.dll

16:26:17.0387 2616 wudfsvc - ok

16:26:17.0407 2616 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll

16:26:17.0417 2616 WwanSvc - ok

16:26:17.0447 2616 ================ Scan global ===============================

16:26:17.0477 2616 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll

16:26:17.0507 2616 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll

16:26:17.0517 2616 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll

16:26:17.0537 2616 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll

16:26:17.0577 2616 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe

16:26:17.0587 2616 [Global] - ok

16:26:17.0587 2616 ================ Scan MBR ==================================

16:26:17.0597 2616 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

16:26:18.0037 2616 \Device\Harddisk0\DR0 - ok

16:26:18.0037 2616 ================ Scan VBR ==================================

16:26:18.0037 2616 Boot (0x1200) (76c2f8ce5610acec54a19456ee52d8ee) \Device\Harddisk0\DR0\Partition1

16:26:18.0037 2616 \Device\Harddisk0\DR0\Partition1 - ok

16:26:18.0057 2616 Boot (0x1200) (ebe5245d94395090c926254bc7ed3338) \Device\Harddisk0\DR0\Partition2

16:26:18.0057 2616 \Device\Harddisk0\DR0\Partition2 - ok

16:26:18.0057 2616 ============================================================

16:26:18.0057 2616 Scan finished

16:26:18.0057 2616 ============================================================

16:26:18.0057 3632 Detected object count: 0

16:26:18.0057 3632 Actual detected object count: 0
