Trojans

[EnzoD]

Ik ging even scannen met mbam en kwam deze trojan tegen.

Mbam log

Malwarebytes Anti-Malware 1.65.0.1400

Malwarebytes : Free anti-malware download

Databaseversie: v2012.10.06.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Enzo :: ENZO-PC [administrator]

6/10/2012 21:47:45

mbam-log-2012-10-06 (21-50-05).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 222248

Verstreken tijd: 2 minuut/minuten, 5 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 1

C:\Program Files (x86)\Steam\bin\avutil-51.dll (Trojan.Fakesig) -> Geen actie ondernomen.

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1

C:\Program Files (x86)\Steam\bin\avutil-51.dll (Trojan.Fakesig) -> Geen actie ondernomen.

(einde)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:51:10, on 6/10/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Enzo\Desktop\HijackThis.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - Global Startup: WiFi Station.lnk = C:\Program Files (x86)\Hercules\WiFi Station\WiFiStation.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11971 bytes

[kape]

Bij Malwarebytes heb je blijkbaar niet gekozen om de Trojan te verwijderen. "Geen actie ondernomen" lijkt alvast in die richting te wijzen. Herhaal Malwarebytes nog eens en kies nu wél voor "verwijderen".

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

[EnzoD]

Bedankt Kape om te antwoorden maar die trojans blijven zelfs al verwijder ik die en start ik pc opnieuw op ze blijven.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:25:29, on 7/10/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Users\Enzo\Desktop\HijackThis.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: WiFi Station.lnk = C:\Program Files (x86)\Hercules\WiFi Station\WiFiStation.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12148 bytes

[kape]

Download TDSSKiller en plaats het op je bureaublad.

Pak de bestanden in tdsskiller.zip uit.

Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

Windows 7 en Windows Vista gebruikers:

Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.

Klik op de knop "Start Scan" en volg de instructies.

Wanneer de scan klaar is klik je op de knop "Report".

Er opent een kladblokbestand. Post de inhoud van dit bestand.

Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

[EnzoD]

21:04:51.0908 6516 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

21:04:52.0005 6516 ============================================================

21:04:52.0005 6516 Current date / time: 2012/10/07 21:04:52.0005

21:04:52.0005 6516 SystemInfo:

21:04:52.0005 6516

21:04:52.0005 6516 OS Version: 6.1.7601 ServicePack: 1.0

21:04:52.0005 6516 Product type: Workstation

21:04:52.0005 6516 ComputerName: ENZO-PC

21:04:52.0005 6516 UserName: Enzo

21:04:52.0005 6516 Windows directory: C:\Windows

21:04:52.0005 6516 System windows directory: C:\Windows

21:04:52.0005 6516 Running under WOW64

21:04:52.0005 6516 Processor architecture: Intel x64

21:04:52.0005 6516 Number of processors: 8

21:04:52.0005 6516 Page size: 0x1000

21:04:52.0005 6516 Boot type: Normal boot

21:04:52.0005 6516 ============================================================

21:04:52.0448 6516 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:04:52.0464 6516 ============================================================

21:04:52.0464 6516 \Device\Harddisk0\DR0:

21:04:52.0465 6516 MBR partitions:

21:04:52.0465 6516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

21:04:52.0465 6516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6E0D3800

21:04:52.0465 6516 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6E106000, BlocksNum 0x6400000

21:04:52.0465 6516 ============================================================

21:04:52.0478 6516 C: <-> \Device\Harddisk0\DR0\Partition2

21:04:52.0511 6516 D: <-> \Device\Harddisk0\DR0\Partition3

21:04:52.0511 6516 ============================================================

21:04:52.0512 6516 Initialize success

21:04:52.0512 6516 ============================================================

21:05:00.0996 1700 ============================================================

21:05:00.0996 1700 Scan started

21:05:00.0996 1700 Mode: Manual;

21:05:00.0996 1700 ============================================================

21:05:01.0751 1700 ================ Scan system memory ========================

21:05:01.0752 1700 System memory - ok

21:05:01.0752 1700 ================ Scan services =============================

21:05:01.0886 1700 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

21:05:01.0891 1700 1394ohci - ok

21:05:01.0915 1700 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

21:05:01.0920 1700 ACPI - ok

21:05:01.0944 1700 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

21:05:01.0947 1700 AcpiPmi - ok

21:05:02.0070 1700 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

21:05:02.0071 1700 AdobeARMservice - ok

21:05:02.0122 1700 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

21:05:02.0124 1700 AdobeFlashPlayerUpdateSvc - ok

21:05:02.0141 1700 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

21:05:02.0147 1700 adp94xx - ok

21:05:02.0175 1700 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

21:05:02.0180 1700 adpahci - ok

21:05:02.0200 1700 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

21:05:02.0204 1700 adpu320 - ok

21:05:02.0227 1700 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

21:05:02.0229 1700 AeLookupSvc - ok

21:05:02.0261 1700 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

21:05:02.0267 1700 AFD - ok

21:05:02.0283 1700 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

21:05:02.0286 1700 agp440 - ok

21:05:02.0296 1700 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

21:05:02.0299 1700 ALG - ok

21:05:02.0320 1700 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

21:05:02.0322 1700 aliide - ok

21:05:02.0338 1700 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

21:05:02.0347 1700 amdide - ok

21:05:02.0375 1700 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

21:05:02.0377 1700 AmdK8 - ok

21:05:02.0400 1700 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

21:05:02.0403 1700 AmdPPM - ok

21:05:02.0431 1700 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

21:05:02.0435 1700 amdsata - ok

21:05:02.0460 1700 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

21:05:02.0463 1700 amdsbs - ok

21:05:02.0477 1700 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

21:05:02.0479 1700 amdxata - ok

21:05:02.0501 1700 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

21:05:02.0505 1700 AppID - ok

21:05:02.0515 1700 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

21:05:02.0517 1700 AppIDSvc - ok

21:05:02.0532 1700 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

21:05:02.0535 1700 Appinfo - ok

21:05:02.0576 1700 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:05:02.0577 1700 Apple Mobile Device - ok

21:05:02.0591 1700 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

21:05:02.0593 1700 arc - ok

21:05:02.0603 1700 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

21:05:02.0606 1700 arcsas - ok

21:05:02.0619 1700 [ D6D2BB2F4F5868549DDE75F3146BC84E ] asmthub3 C:\Windows\system32\drivers\asmthub3.sys

21:05:02.0620 1700 asmthub3 - ok

21:05:02.0643 1700 [ 1E758172367DC2A3653F16586D62A3F0 ] asmtxhci C:\Windows\system32\drivers\asmtxhci.sys

21:05:02.0649 1700 asmtxhci - ok

21:05:02.0713 1700 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

21:05:02.0714 1700 aspnet_state - ok

21:05:02.0729 1700 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

21:05:02.0732 1700 AsyncMac - ok

21:05:02.0757 1700 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

21:05:02.0759 1700 atapi - ok

21:05:02.0775 1700 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

21:05:02.0782 1700 AudioEndpointBuilder - ok

21:05:02.0791 1700 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

21:05:02.0795 1700 AudioSrv - ok

21:05:02.0960 1700 [ 1D7D0D5D33D8B1507EC5FBFE332E5657 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

21:05:02.0978 1700 AVGIDSAgent - ok

21:05:03.0001 1700 [ 5FD4D6C35738899905E16E5284981427 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

21:05:03.0003 1700 AVGIDSDriver - ok

21:05:03.0013 1700 [ 132251CBBB95062E12FF21E212EB8FB4 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

21:05:03.0015 1700 AVGIDSHA - ok

21:05:03.0045 1700 [ 996FCACE7A8EFD926C8BB2C70A40C83F ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

21:05:03.0047 1700 Avgldx64 - ok

21:05:03.0074 1700 [ 3E0E2D8CD63C58A37CF81704E83459DD ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys

21:05:03.0077 1700 Avgloga - ok

21:05:03.0112 1700 [ DC353C527816297BD11B13EA60C9BE75 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

21:05:03.0114 1700 Avgmfx64 - ok

21:05:03.0139 1700 [ 639CBC2F67FB25F9AB31957D9BF5CF8F ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

21:05:03.0142 1700 Avgrkx64 - ok

21:05:03.0155 1700 [ 1917293728A872BF520952F69E024FE6 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

21:05:03.0158 1700 Avgtdia - ok

21:05:03.0169 1700 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys

21:05:03.0172 1700 avgtp - ok

21:05:03.0190 1700 [ 42F11F37CC06D9AB6528AF2E215B8799 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

21:05:03.0192 1700 avgwd - ok

21:05:03.0201 1700 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

21:05:03.0204 1700 AxInstSV - ok

21:05:03.0226 1700 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

21:05:03.0231 1700 b06bdrv - ok

21:05:03.0244 1700 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

21:05:03.0248 1700 b57nd60a - ok

21:05:03.0263 1700 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

21:05:03.0266 1700 BDESVC - ok

21:05:03.0282 1700 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

21:05:03.0284 1700 Beep - ok

21:05:03.0312 1700 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

21:05:03.0319 1700 BFE - ok

21:05:03.0340 1700 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

21:05:03.0373 1700 BITS - ok

21:05:03.0403 1700 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

21:05:03.0406 1700 blbdrive - ok

21:05:03.0468 1700 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

21:05:03.0472 1700 Bonjour Service - ok

21:05:03.0499 1700 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

21:05:03.0502 1700 bowser - ok

21:05:03.0524 1700 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

21:05:03.0526 1700 BrFiltLo - ok

21:05:03.0545 1700 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

21:05:03.0553 1700 BrFiltUp - ok

21:05:03.0564 1700 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

21:05:03.0567 1700 Browser - ok

21:05:03.0579 1700 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

21:05:03.0584 1700 Brserid - ok

21:05:03.0596 1700 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

21:05:03.0599 1700 BrSerWdm - ok

21:05:03.0622 1700 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

21:05:03.0625 1700 BrUsbMdm - ok

21:05:03.0642 1700 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

21:05:03.0644 1700 BrUsbSer - ok

21:05:03.0654 1700 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

21:05:03.0657 1700 BTHMODEM - ok

21:05:03.0675 1700 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

21:05:03.0677 1700 bthserv - ok

21:05:03.0697 1700 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

21:05:03.0700 1700 cdfs - ok

21:05:03.0711 1700 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

21:05:03.0713 1700 cdrom - ok

21:05:03.0735 1700 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

21:05:03.0738 1700 CertPropSvc - ok

21:05:03.0755 1700 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

21:05:03.0758 1700 circlass - ok

21:05:03.0772 1700 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

21:05:03.0776 1700 CLFS - ok

21:05:03.0816 1700 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:05:03.0819 1700 clr_optimization_v2.0.50727_32 - ok

21:05:03.0841 1700 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:05:03.0844 1700 clr_optimization_v2.0.50727_64 - ok

21:05:03.0892 1700 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:05:03.0894 1700 clr_optimization_v4.0.30319_32 - ok

21:05:03.0912 1700 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:05:03.0928 1700 clr_optimization_v4.0.30319_64 - ok

21:05:03.0939 1700 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

21:05:03.0948 1700 CmBatt - ok

21:05:03.0968 1700 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

21:05:03.0970 1700 cmdide - ok

21:05:03.0992 1700 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

21:05:03.0997 1700 CNG - ok

21:05:04.0004 1700 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

21:05:04.0006 1700 Compbatt - ok

21:05:04.0018 1700 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

21:05:04.0020 1700 CompositeBus - ok

21:05:04.0023 1700 COMSysApp - ok

21:05:04.0039 1700 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

21:05:04.0041 1700 crcdisk - ok

21:05:04.0062 1700 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

21:05:04.0065 1700 CryptSvc - ok

21:05:04.0095 1700 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

21:05:04.0101 1700 DcomLaunch - ok

21:05:04.0110 1700 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

21:05:04.0114 1700 defragsvc - ok

21:05:04.0125 1700 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

21:05:04.0128 1700 DfsC - ok

21:05:04.0143 1700 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

21:05:04.0147 1700 Dhcp - ok

21:05:04.0151 1700 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

21:05:04.0152 1700 discache - ok

21:05:04.0187 1700 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

21:05:04.0190 1700 Disk - ok

21:05:04.0216 1700 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

21:05:04.0219 1700 Dnscache - ok

21:05:04.0231 1700 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

21:05:04.0235 1700 dot3svc - ok

21:05:04.0240 1700 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

21:05:04.0242 1700 DPS - ok

21:05:04.0269 1700 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

21:05:04.0271 1700 drmkaud - ok

21:05:04.0289 1700 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

21:05:04.0299 1700 DXGKrnl - ok

21:05:04.0320 1700 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

21:05:04.0323 1700 EapHost - ok

21:05:04.0368 1700 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

21:05:04.0415 1700 ebdrv - ok

21:05:04.0435 1700 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

21:05:04.0437 1700 EFS - ok

21:05:04.0464 1700 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

21:05:04.0470 1700 ehRecvr - ok

21:05:04.0477 1700 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

21:05:04.0480 1700 ehSched - ok

21:05:04.0498 1700 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

21:05:04.0504 1700 elxstor - ok

21:05:04.0523 1700 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

21:05:04.0525 1700 ErrDev - ok

21:05:04.0547 1700 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

21:05:04.0551 1700 EventSystem - ok

21:05:04.0561 1700 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

21:05:04.0564 1700 exfat - ok

21:05:04.0580 1700 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

21:05:04.0583 1700 fastfat - ok

21:05:04.0602 1700 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

21:05:04.0610 1700 Fax - ok

21:05:04.0626 1700 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

21:05:04.0628 1700 fdc - ok

21:05:04.0637 1700 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

21:05:04.0639 1700 fdPHost - ok

21:05:04.0645 1700 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

21:05:04.0647 1700 FDResPub - ok

21:05:04.0654 1700 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

21:05:04.0657 1700 FileInfo - ok

21:05:04.0662 1700 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

21:05:04.0664 1700 Filetrace - ok

21:05:04.0671 1700 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

21:05:04.0673 1700 flpydisk - ok

21:05:04.0679 1700 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

21:05:04.0683 1700 FltMgr - ok

21:05:04.0707 1700 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

21:05:04.0724 1700 FontCache - ok

21:05:04.0753 1700 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:05:04.0755 1700 FontCache3.0.0.0 - ok

21:05:04.0766 1700 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

21:05:04.0768 1700 FsDepends - ok

21:05:04.0789 1700 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

21:05:04.0791 1700 Fs_Rec - ok

21:05:04.0796 1700 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

21:05:04.0799 1700 fvevol - ok

21:05:04.0807 1700 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

21:05:04.0810 1700 gagp30kx - ok

21:05:04.0833 1700 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:05:04.0834 1700 GEARAspiWDM - ok

21:05:04.0857 1700 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

21:05:04.0865 1700 gpsvc - ok

21:05:04.0908 1700 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:05:04.0909 1700 gupdate - ok

21:05:04.0913 1700 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:05:04.0914 1700 gupdatem - ok

21:05:04.0925 1700 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

21:05:04.0928 1700 hcw85cir - ok

21:05:04.0951 1700 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

21:05:04.0955 1700 HdAudAddService - ok

21:05:04.0970 1700 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

21:05:04.0972 1700 HDAudBus - ok

21:05:04.0993 1700 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

21:05:04.0995 1700 HidBatt - ok

21:05:05.0007 1700 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

21:05:05.0010 1700 HidBth - ok

21:05:05.0020 1700 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

21:05:05.0022 1700 HidIr - ok

21:05:05.0032 1700 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

21:05:05.0033 1700 hidserv - ok

21:05:05.0057 1700 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

21:05:05.0059 1700 HidUsb - ok

21:05:05.0084 1700 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

21:05:05.0087 1700 hkmsvc - ok

21:05:05.0096 1700 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

21:05:05.0101 1700 HomeGroupListener - ok

21:05:05.0113 1700 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

21:05:05.0117 1700 HomeGroupProvider - ok

21:05:05.0127 1700 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

21:05:05.0130 1700 HpSAMD - ok

21:05:05.0147 1700 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

21:05:05.0155 1700 HTTP - ok

21:05:05.0169 1700 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

21:05:05.0170 1700 hwpolicy - ok

21:05:05.0189 1700 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

21:05:05.0192 1700 i8042prt - ok

21:05:05.0206 1700 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\drivers\iaStor.sys

21:05:05.0209 1700 iaStor - ok

21:05:05.0249 1700 [ 545462D0DBE24AF379BA869B7C185CCD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

21:05:05.0250 1700 IAStorDataMgrSvc - ok

21:05:05.0270 1700 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

21:05:05.0276 1700 iaStorV - ok

21:05:05.0306 1700 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:05:05.0313 1700 idsvc - ok

21:05:05.0390 1700 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

21:05:05.0452 1700 igfx - ok

21:05:05.0475 1700 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

21:05:05.0477 1700 iirsp - ok

21:05:05.0495 1700 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

21:05:05.0502 1700 IKEEXT - ok

21:05:05.0582 1700 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

21:05:05.0638 1700 IntcAzAudAddService - ok

21:05:05.0685 1700 [ 0043EC20C06FD9FE339B5D37474B731E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

21:05:05.0688 1700 Intel® Capability Licensing Service Interface - ok

21:05:05.0709 1700 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

21:05:05.0710 1700 intelide - ok

21:05:05.0719 1700 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

21:05:05.0720 1700 intelppm - ok

21:05:05.0729 1700 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

21:05:05.0731 1700 IPBusEnum - ok

21:05:05.0744 1700 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:05:05.0747 1700 IpFilterDriver - ok

21:05:05.0763 1700 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

21:05:05.0768 1700 iphlpsvc - ok

21:05:05.0789 1700 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

21:05:05.0791 1700 IPMIDRV - ok

21:05:05.0794 1700 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

21:05:05.0796 1700 IPNAT - ok

21:05:05.0822 1700 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

21:05:05.0826 1700 iPod Service - ok

21:05:05.0842 1700 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

21:05:05.0844 1700 IRENUM - ok

21:05:05.0856 1700 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

21:05:05.0857 1700 isapnp - ok

21:05:05.0867 1700 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

21:05:05.0870 1700 iScsiPrt - ok

21:05:05.0885 1700 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

21:05:05.0886 1700 kbdclass - ok

21:05:05.0903 1700 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

21:05:05.0905 1700 kbdhid - ok

21:05:05.0918 1700 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

21:05:05.0919 1700 KeyIso - ok

21:05:05.0943 1700 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

21:05:05.0945 1700 KSecDD - ok

21:05:05.0955 1700 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

21:05:05.0958 1700 KSecPkg - ok

21:05:05.0965 1700 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

21:05:05.0967 1700 ksthunk - ok

21:05:05.0979 1700 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

21:05:05.0985 1700 KtmRm - ok

21:05:06.0003 1700 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

21:05:06.0006 1700 LanmanServer - ok

21:05:06.0026 1700 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

21:05:06.0029 1700 LanmanWorkstation - ok

21:05:06.0044 1700 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

21:05:06.0045 1700 lltdio - ok

21:05:06.0055 1700 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

21:05:06.0058 1700 lltdsvc - ok

21:05:06.0066 1700 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

21:05:06.0068 1700 lmhosts - ok

21:05:06.0105 1700 [ EE41A1785162D3C1DB7A574D9BC2019D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

21:05:06.0106 1700 LMS - ok

21:05:06.0120 1700 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

21:05:06.0122 1700 LSI_FC - ok

21:05:06.0136 1700 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

21:05:06.0138 1700 LSI_SAS - ok

21:05:06.0152 1700 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

21:05:06.0154 1700 LSI_SAS2 - ok

21:05:06.0163 1700 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

21:05:06.0166 1700 LSI_SCSI - ok

21:05:06.0173 1700 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

21:05:06.0175 1700 luafv - ok

21:05:06.0184 1700 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

21:05:06.0187 1700 Mcx2Svc - ok

21:05:06.0201 1700 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

21:05:06.0202 1700 megasas - ok

21:05:06.0229 1700 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

21:05:06.0234 1700 MegaSR - ok

21:05:06.0254 1700 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys

21:05:06.0256 1700 MEIx64 - ok

21:05:06.0277 1700 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

21:05:06.0278 1700 MemeoBackgroundService - ok

21:05:06.0327 1700 Microsoft SharePoint Workspace Audit Service - ok

21:05:06.0338 1700 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

21:05:06.0341 1700 MMCSS - ok

21:05:06.0350 1700 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

21:05:06.0352 1700 Modem - ok

21:05:06.0361 1700 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

21:05:06.0362 1700 monitor - ok

21:05:06.0376 1700 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

21:05:06.0378 1700 mouclass - ok

21:05:06.0398 1700 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

21:05:06.0399 1700 mouhid - ok

21:05:06.0411 1700 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

21:05:06.0414 1700 mountmgr - ok

21:05:06.0423 1700 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

21:05:06.0426 1700 mpio - ok

21:05:06.0432 1700 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

21:05:06.0434 1700 mpsdrv - ok

21:05:06.0450 1700 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

21:05:06.0459 1700 MpsSvc - ok

21:05:06.0467 1700 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

21:05:06.0469 1700 MRxDAV - ok

21:05:06.0492 1700 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

21:05:06.0494 1700 mrxsmb - ok

21:05:06.0504 1700 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:05:06.0507 1700 mrxsmb10 - ok

21:05:06.0520 1700 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:05:06.0523 1700 mrxsmb20 - ok

21:05:06.0537 1700 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

21:05:06.0539 1700 msahci - ok

21:05:06.0552 1700 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

21:05:06.0554 1700 msdsm - ok

21:05:06.0562 1700 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

21:05:06.0565 1700 MSDTC - ok

21:05:06.0581 1700 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

21:05:06.0583 1700 Msfs - ok

21:05:06.0590 1700 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

21:05:06.0592 1700 mshidkmdf - ok

21:05:06.0602 1700 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

21:05:06.0604 1700 msisadrv - ok

21:05:06.0618 1700 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

21:05:06.0621 1700 MSiSCSI - ok

21:05:06.0624 1700 msiserver - ok

21:05:06.0633 1700 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

21:05:06.0635 1700 MSKSSRV - ok

21:05:06.0639 1700 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

21:05:06.0640 1700 MSPCLOCK - ok

21:05:06.0652 1700 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

21:05:06.0653 1700 MSPQM - ok

21:05:06.0669 1700 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

21:05:06.0673 1700 MsRPC - ok

21:05:06.0692 1700 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

21:05:06.0693 1700 mssmbios - ok

21:05:06.0723 1700 MSSQL$SQLEXPRESS - ok

21:05:06.0764 1700 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

21:05:06.0765 1700 MSSQLServerADHelper100 - ok

21:05:06.0773 1700 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

21:05:06.0775 1700 MSTEE - ok

21:05:06.0787 1700 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

21:05:06.0789 1700 MTConfig - ok

21:05:06.0798 1700 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

21:05:06.0800 1700 Mup - ok

21:05:06.0816 1700 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

21:05:06.0822 1700 napagent - ok

21:05:06.0849 1700 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

21:05:06.0852 1700 NativeWifiP - ok

21:05:06.0889 1700 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

21:05:06.0900 1700 NDIS - ok

21:05:06.0912 1700 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

21:05:06.0915 1700 NdisCap - ok

21:05:06.0925 1700 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

21:05:06.0927 1700 NdisTapi - ok

21:05:06.0941 1700 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

21:05:06.0943 1700 Ndisuio - ok

21:05:06.0951 1700 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

21:05:06.0954 1700 NdisWan - ok

21:05:06.0963 1700 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

21:05:06.0966 1700 NDProxy - ok

21:05:06.0972 1700 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

21:05:06.0974 1700 NetBIOS - ok

21:05:06.0987 1700 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

21:05:06.0990 1700 NetBT - ok

21:05:07.0001 1700 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

21:05:07.0003 1700 Netlogon - ok

21:05:07.0014 1700 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

21:05:07.0020 1700 Netman - ok

21:05:07.0052 1700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:05:07.0054 1700 NetMsmqActivator - ok

21:05:07.0059 1700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:05:07.0060 1700 NetPipeActivator - ok

21:05:07.0080 1700 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

21:05:07.0087 1700 netprofm - ok

21:05:07.0122 1700 [ B69D6BB680C85243AF0263B3E01D5E77 ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys

21:05:07.0130 1700 netr7364 - ok

21:05:07.0135 1700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:05:07.0137 1700 NetTcpActivator - ok

21:05:07.0141 1700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:05:07.0142 1700 NetTcpPortSharing - ok

21:05:07.0174 1700 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

21:05:07.0176 1700 nfrd960 - ok

21:05:07.0191 1700 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

21:05:07.0196 1700 NlaSvc - ok

21:05:07.0204 1700 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

21:05:07.0207 1700 Npfs - ok

21:05:07.0218 1700 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

21:05:07.0222 1700 nsi - ok

21:05:07.0234 1700 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

21:05:07.0235 1700 nsiproxy - ok

21:05:07.0278 1700 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

21:05:07.0304 1700 Ntfs - ok

21:05:07.0317 1700 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

21:05:07.0320 1700 Null - ok

21:05:07.0362 1700 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys

21:05:07.0367 1700 NVENETFD - ok

21:05:07.0404 1700 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

21:05:07.0413 1700 NVHDA - ok

21:05:07.0593 1700 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

21:05:07.0767 1700 nvlddmkm - ok

21:05:07.0790 1700 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

21:05:07.0791 1700 nvraid - ok

21:05:07.0797 1700 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

21:05:07.0798 1700 nvstor - ok

21:05:07.0856 1700 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

21:05:07.0866 1700 nvUpdatusService - ok

21:05:07.0895 1700 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

21:05:07.0906 1700 nv_agp - ok

21:05:07.0929 1700 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

21:05:07.0932 1700 ohci1394 - ok

21:05:07.0988 1700 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:05:07.0991 1700 ose64 - ok

21:05:08.0088 1700 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:05:08.0145 1700 osppsvc - ok

21:05:08.0169 1700 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

21:05:08.0172 1700 p2pimsvc - ok

21:05:08.0184 1700 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

21:05:08.0189 1700 p2psvc - ok

21:05:08.0207 1700 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

21:05:08.0210 1700 Parport - ok

21:05:08.0224 1700 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

21:05:08.0227 1700 partmgr - ok

21:05:08.0233 1700 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

21:05:08.0237 1700 PcaSvc - ok

21:05:08.0243 1700 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

21:05:08.0246 1700 pci - ok

21:05:08.0262 1700 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

21:05:08.0263 1700 pciide - ok

21:05:08.0282 1700 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

21:05:08.0285 1700 pcmcia - ok

21:05:08.0309 1700 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

21:05:08.0310 1700 pcw - ok

21:05:08.0322 1700 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

21:05:08.0328 1700 PEAUTH - ok

21:05:08.0374 1700 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

21:05:08.0375 1700 PerfHost - ok

21:05:08.0402 1700 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

21:05:08.0420 1700 pla - ok

21:05:08.0450 1700 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

21:05:08.0455 1700 PlugPlay - ok

21:05:08.0461 1700 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

21:05:08.0464 1700 PNRPAutoReg - ok

21:05:08.0469 1700 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

21:05:08.0471 1700 PNRPsvc - ok

21:05:08.0491 1700 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

21:05:08.0495 1700 PolicyAgent - ok

21:05:08.0516 1700 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

21:05:08.0518 1700 Power - ok

21:05:08.0537 1700 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

21:05:08.0540 1700 PptpMiniport - ok

21:05:08.0550 1700 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

21:05:08.0552 1700 Processor - ok

21:05:08.0570 1700 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

21:05:08.0573 1700 ProfSvc - ok

21:05:08.0585 1700 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

21:05:08.0586 1700 ProtectedStorage - ok

21:05:08.0612 1700 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

21:05:08.0613 1700 Psched - ok

21:05:08.0639 1700 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

21:05:08.0656 1700 ql2300 - ok

21:05:08.0665 1700 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

21:05:08.0667 1700 ql40xx - ok

21:05:08.0681 1700 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

21:05:08.0685 1700 QWAVE - ok

21:05:08.0698 1700 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

21:05:08.0700 1700 QWAVEdrv - ok

21:05:08.0710 1700 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

21:05:08.0711 1700 RasAcd - ok

21:05:08.0732 1700 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

21:05:08.0733 1700 RasAgileVpn - ok

21:05:08.0742 1700 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

21:05:08.0745 1700 RasAuto - ok

21:05:08.0751 1700 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

21:05:08.0753 1700 Rasl2tp - ok

21:05:08.0762 1700 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

21:05:08.0766 1700 RasMan - ok

21:05:08.0773 1700 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

21:05:08.0775 1700 RasPppoe - ok

21:05:08.0778 1700 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

21:05:08.0779 1700 RasSstp - ok

21:05:08.0784 1700 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

21:05:08.0787 1700 rdbss - ok

21:05:08.0802 1700 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

21:05:08.0804 1700 rdpbus - ok

21:05:08.0815 1700 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

21:05:08.0816 1700 RDPCDD - ok

21:05:08.0820 1700 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

21:05:08.0820 1700 RDPENCDD - ok

21:05:08.0824 1700 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

21:05:08.0825 1700 RDPREFMP - ok

21:05:08.0849 1700 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

21:05:08.0852 1700 RDPWD - ok

21:05:08.0864 1700 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

21:05:08.0867 1700 rdyboost - ok

21:05:08.0875 1700 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

21:05:08.0878 1700 RemoteAccess - ok

21:05:08.0885 1700 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

21:05:08.0888 1700 RemoteRegistry - ok

21:05:08.0894 1700 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

21:05:08.0897 1700 RpcEptMapper - ok

21:05:08.0903 1700 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

21:05:08.0905 1700 RpcLocator - ok

21:05:08.0919 1700 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

21:05:08.0922 1700 RpcSs - ok

21:05:08.0945 1700 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys

21:05:08.0948 1700 RsFx0103 - ok

21:05:08.0962 1700 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

21:05:08.0964 1700 rspndr - ok

21:05:09.0002 1700 [ 39A719875F572241C585A629EE62EB14 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

21:05:09.0008 1700 RTL8167 - ok

21:05:09.0044 1700 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys

21:05:09.0050 1700 RTL8192su - ok

21:05:09.0060 1700 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

21:05:09.0060 1700 SamSs - ok

21:05:09.0083 1700 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

21:05:09.0084 1700 sbp2port - ok

21:05:09.0092 1700 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

21:05:09.0095 1700 SCardSvr - ok

21:05:09.0120 1700 [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys

21:05:09.0128 1700 SCDEmu - ok

21:05:09.0139 1700 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

21:05:09.0140 1700 scfilter - ok

21:05:09.0158 1700 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

21:05:09.0170 1700 Schedule - ok

21:05:09.0193 1700 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

21:05:09.0193 1700 SCPolicySvc - ok

21:05:09.0202 1700 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

21:05:09.0205 1700 SDRSVC - ok

21:05:09.0215 1700 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

21:05:09.0216 1700 secdrv - ok

21:05:09.0227 1700 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

21:05:09.0230 1700 seclogon - ok

21:05:09.0235 1700 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

21:05:09.0237 1700 SENS - ok

21:05:09.0248 1700 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

21:05:09.0251 1700 SensrSvc - ok

21:05:09.0263 1700 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

21:05:09.0264 1700 Serenum - ok

21:05:09.0291 1700 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

21:05:09.0295 1700 Serial - ok

21:05:09.0315 1700 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

21:05:09.0318 1700 sermouse - ok

21:05:09.0339 1700 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

21:05:09.0344 1700 SessionEnv - ok

21:05:09.0363 1700 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

21:05:09.0365 1700 sffdisk - ok

21:05:09.0376 1700 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

21:05:09.0378 1700 sffp_mmc - ok

21:05:09.0384 1700 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

21:05:09.0386 1700 sffp_sd - ok

21:05:09.0399 1700 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

21:05:09.0401 1700 sfloppy - ok

21:05:09.0418 1700 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

21:05:09.0422 1700 SharedAccess - ok

21:05:09.0434 1700 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:05:09.0439 1700 ShellHWDetection - ok

21:05:09.0451 1700 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

21:05:09.0453 1700 SiSRaid2 - ok

21:05:09.0467 1700 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

21:05:09.0470 1700 SiSRaid4 - ok

21:05:09.0485 1700 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

21:05:09.0487 1700 Smb - ok

21:05:09.0496 1700 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

21:05:09.0498 1700 SNMPTRAP - ok

21:05:09.0506 1700 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

21:05:09.0508 1700 spldr - ok

21:05:09.0527 1700 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

21:05:09.0533 1700 Spooler - ok

21:05:09.0583 1700 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

21:05:09.0645 1700 sppsvc - ok

21:05:09.0669 1700 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

21:05:09.0672 1700 sppuinotify - ok

21:05:09.0694 1700 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

21:05:09.0696 1700 SQLAgent$SQLEXPRESS - ok

21:05:09.0724 1700 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

21:05:09.0727 1700 SQLBrowser - ok

21:05:09.0748 1700 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

21:05:09.0750 1700 SQLWriter - ok

21:05:09.0776 1700 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

21:05:09.0781 1700 srv - ok

21:05:09.0792 1700 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

21:05:09.0796 1700 srv2 - ok

21:05:09.0811 1700 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

21:05:09.0813 1700 srvnet - ok

21:05:09.0821 1700 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

21:05:09.0824 1700 SSDPSRV - ok

21:05:09.0834 1700 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

21:05:09.0836 1700 SstpSvc - ok

21:05:09.0862 1700 Steam Client Service - ok

21:05:09.0891 1700 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

21:05:09.0894 1700 Stereo Service - ok

21:05:09.0903 1700 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

21:05:09.0905 1700 stexstor - ok

21:05:09.0924 1700 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

21:05:09.0932 1700 stisvc - ok

21:05:09.0944 1700 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

21:05:09.0946 1700 swenum - ok

21:05:09.0960 1700 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

21:05:09.0966 1700 swprv - ok

21:05:09.0990 1700 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

21:05:10.0016 1700 SysMain - ok

21:05:10.0030 1700 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:05:10.0034 1700 TabletInputService - ok

21:05:10.0040 1700 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

21:05:10.0046 1700 TapiSrv - ok

21:05:10.0052 1700 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

21:05:10.0054 1700 TBS - ok

21:05:10.0095 1700 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

21:05:10.0122 1700 Tcpip - ok

21:05:10.0153 1700 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

21:05:10.0164 1700 TCPIP6 - ok

21:05:10.0185 1700 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

21:05:10.0186 1700 tcpipreg - ok

21:05:10.0198 1700 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

21:05:10.0205 1700 TDPIPE - ok

21:05:10.0227 1700 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

21:05:10.0228 1700 TDTCP - ok

21:05:10.0243 1700 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

21:05:10.0246 1700 tdx - ok

21:05:10.0262 1700 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

21:05:10.0264 1700 TermDD - ok

21:05:10.0277 1700 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

21:05:10.0284 1700 TermService - ok

21:05:10.0290 1700 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

21:05:10.0292 1700 Themes - ok

21:05:10.0305 1700 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

21:05:10.0307 1700 THREADORDER - ok

21:05:10.0315 1700 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

21:05:10.0318 1700 TrkWks - ok

21:05:10.0352 1700 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:05:10.0353 1700 TrustedInstaller - ok

21:05:10.0361 1700 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

21:05:10.0363 1700 tssecsrv - ok

21:05:10.0375 1700 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

21:05:10.0378 1700 TsUsbFlt - ok

21:05:10.0391 1700 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

21:05:10.0392 1700 TsUsbGD - ok

21:05:10.0411 1700 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

21:05:10.0414 1700 tunnel - ok

21:05:10.0432 1700 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

21:05:10.0434 1700 uagp35 - ok

21:05:10.0451 1700 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

21:05:10.0455 1700 udfs - ok

21:05:10.0460 1700 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

21:05:10.0463 1700 UI0Detect - ok

21:05:10.0485 1700 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

21:05:10.0488 1700 uliagpkx - ok

21:05:10.0506 1700 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

21:05:10.0508 1700 umbus - ok

21:05:10.0532 1700 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

21:05:10.0534 1700 UmPass - ok

21:05:10.0599 1700 [ 507E96F4BF60BBFBC7FFDC6E2F4A01C9 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

21:05:10.0603 1700 UNS - ok

21:05:10.0615 1700 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

21:05:10.0621 1700 upnphost - ok

21:05:10.0647 1700 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

21:05:10.0649 1700 USBAAPL64 - ok

21:05:10.0655 1700 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

21:05:10.0658 1700 usbccgp - ok

21:05:10.0667 1700 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

21:05:10.0670 1700 usbcir - ok

21:05:10.0684 1700 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

21:05:10.0687 1700 usbehci - ok

21:05:10.0710 1700 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys

21:05:10.0715 1700 usbhub - ok

21:05:10.0723 1700 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

21:05:10.0725 1700 usbohci - ok

21:05:10.0738 1700 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys

21:05:10.0741 1700 usbprint - ok

21:05:10.0752 1700 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:05:10.0755 1700 USBSTOR - ok

21:05:10.0769 1700 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

21:05:10.0772 1700 usbuhci - ok

21:05:10.0781 1700 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

21:05:10.0785 1700 UxSms - ok

21:05:10.0794 1700 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

21:05:10.0795 1700 VaultSvc - ok

21:05:10.0814 1700 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

21:05:10.0816 1700 vdrvroot - ok

21:05:10.0832 1700 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

21:05:10.0839 1700 vds - ok

21:05:10.0847 1700 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

21:05:10.0849 1700 vga - ok

21:05:10.0862 1700 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

21:05:10.0864 1700 VgaSave - ok

21:05:10.0888 1700 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

21:05:10.0891 1700 vhdmp - ok

21:05:10.0899 1700 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

21:05:10.0906 1700 viaide - ok

21:05:10.0931 1700 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

21:05:10.0934 1700 volmgr - ok

21:05:10.0948 1700 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

21:05:10.0952 1700 volmgrx - ok

21:05:10.0958 1700 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

21:05:10.0963 1700 volsnap - ok

21:05:10.0979 1700 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

21:05:10.0981 1700 vsmraid - ok

21:05:11.0014 1700 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

21:05:11.0042 1700 VSS - ok

21:05:11.0080 1700 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

21:05:11.0085 1700 vToolbarUpdater12.2.6 - ok

21:05:11.0100 1700 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

21:05:11.0102 1700 vwifibus - ok

21:05:11.0124 1700 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

21:05:11.0127 1700 vwififlt - ok

21:05:11.0138 1700 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

21:05:11.0144 1700 W32Time - ok

21:05:11.0159 1700 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

21:05:11.0161 1700 WacomPen - ok

21:05:11.0169 1700 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

21:05:11.0171 1700 WANARP - ok

21:05:11.0175 1700 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

21:05:11.0176 1700 Wanarpv6 - ok

21:05:11.0207 1700 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

21:05:11.0223 1700 WatAdminSvc - ok

21:05:11.0248 1700 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

21:05:11.0275 1700 wbengine - ok

21:05:11.0290 1700 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

21:05:11.0294 1700 WbioSrvc - ok

21:05:11.0301 1700 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

21:05:11.0307 1700 wcncsvc - ok

21:05:11.0315 1700 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:05:11.0319 1700 WcsPlugInService - ok

21:05:11.0339 1700 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

21:05:11.0341 1700 Wd - ok

21:05:11.0356 1700 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

21:05:11.0373 1700 Wdf01000 - ok

21:05:11.0386 1700 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

21:05:11.0390 1700 WdiServiceHost - ok

21:05:11.0393 1700 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

21:05:11.0395 1700 WdiSystemHost - ok

21:05:11.0407 1700 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

21:05:11.0412 1700 WebClient - ok

21:05:11.0417 1700 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

21:05:11.0421 1700 Wecsvc - ok

21:05:11.0429 1700 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

21:05:11.0433 1700 wercplsupport - ok

21:05:11.0445 1700 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

21:05:11.0448 1700 WerSvc - ok

21:05:11.0461 1700 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

21:05:11.0463 1700 WfpLwf - ok

21:05:11.0470 1700 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

21:05:11.0472 1700 WIMMount - ok

21:05:11.0488 1700 WinDefend - ok

21:05:11.0493 1700 WinHttpAutoProxySvc - ok

21:05:11.0522 1700 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

21:05:11.0526 1700 Winmgmt - ok

21:05:11.0563 1700 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

21:05:11.0599 1700 WinRM - ok

21:05:11.0622 1700 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

21:05:11.0633 1700 Wlansvc - ok

21:05:11.0661 1700 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

21:05:11.0662 1700 wlcrasvc - ok

21:05:11.0712 1700 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:05:11.0727 1700 wlidsvc - ok

21:05:11.0749 1700 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

21:05:11.0751 1700 WmiAcpi - ok

21:05:11.0772 1700 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

21:05:11.0774 1700 wmiApSrv - ok

21:05:11.0777 1700 WMPNetworkSvc - ok

21:05:11.0780 1700 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

21:05:11.0782 1700 WPCSvc - ok

21:05:11.0790 1700 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

21:05:11.0793 1700 WPDBusEnum - ok

21:05:11.0804 1700 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

21:05:11.0806 1700 ws2ifsl - ok

21:05:11.0816 1700 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

21:05:11.0819 1700 wscsvc - ok

21:05:11.0821 1700 WSearch - ok

21:05:11.0845 1700 [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys

21:05:11.0848 1700 wsvd - ok

21:05:11.0894 1700 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

21:05:11.0929 1700 wuauserv - ok

21:05:11.0938 1700 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

21:05:11.0941 1700 WudfPf - ok

21:05:11.0964 1700 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

21:05:11.0966 1700 WUDFRd - ok

21:05:11.0973 1700 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

21:05:11.0975 1700 wudfsvc - ok

21:05:11.0986 1700 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

21:05:12.0001 1700 WwanSvc - ok

21:05:12.0023 1700 ================ Scan global ===============================

21:05:12.0038 1700 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

21:05:12.0058 1700 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:05:12.0063 1700 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

21:05:12.0073 1700 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

21:05:12.0087 1700 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

21:05:12.0091 1700 [Global] - ok

21:05:12.0091 1700 ================ Scan MBR ==================================

21:05:12.0099 1700 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0

21:05:13.0518 1700 \Device\Harddisk0\DR0 - ok

21:05:13.0518 1700 ================ Scan VBR ==================================

21:05:13.0519 1700 [ 913C5FD3FD3C91C9E697E1A8D059FF2C ] \Device\Harddisk0\DR0\Partition1

21:05:13.0520 1700 \Device\Harddisk0\DR0\Partition1 - ok

21:05:13.0531 1700 [ 4993626D5E885B3541AE4E9A7F708F20 ] \Device\Harddisk0\DR0\Partition2

21:05:13.0532 1700 \Device\Harddisk0\DR0\Partition2 - ok

21:05:13.0552 1700 [ A39A13EC2C80736C96AE795F1E13A7A9 ] \Device\Harddisk0\DR0\Partition3

21:05:13.0553 1700 \Device\Harddisk0\DR0\Partition3 - ok

21:05:13.0553 1700 ============================================================

21:05:13.0553 1700 Scan finished

21:05:13.0553 1700 ============================================================

21:05:13.0558 7392 Detected object count: 0

21:05:13.0558 7392 Actual detected object count: 0

[kape]

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

[EnzoD]

ComboFix 12-10-04.02 - Enzo 07/10/2012 23:42:13.1.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8159.5146 [GMT 2:00]

Gestart vanuit: c:\users\Enzo\Downloads\ComboFix.exe

AV: AVG Anti-Virus 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG Anti-Virus 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-07 to 2012-10-07 ))))))))))))))))))))))))))))))

.

.

2012-10-07 21:45 . 2012-10-07 21:45 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-10-07 21:45 . 2012-10-07 21:45 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-09-30 21:58 . 2012-09-30 21:58 -------- d-----w- c:\users\Enzo\AppData\Roaming\Atari

2012-09-30 21:57 . 2012-09-30 21:57 -------- d-----w- c:\program files (x86)\Common Files\PocketSoft

2012-09-30 21:57 . 2002-02-27 15:50 197120 ----a-w- c:\windows\patchw32.dll

2012-09-30 21:53 . 2012-09-30 21:53 -------- d-----w- c:\program files (x86)\Atari

2012-09-30 21:52 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll

2012-09-30 21:52 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe

2012-09-30 21:52 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll

2012-09-30 21:52 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll

2012-09-30 21:52 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll

2012-09-30 21:52 . 2012-09-30 21:52 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll

2012-09-30 21:52 . 2012-09-30 21:52 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll

2012-09-30 17:07 . 2012-09-30 17:07 -------- d-----w- c:\users\Enzo\AppData\Roaming\Sierra

2012-09-30 16:56 . 2012-09-30 16:56 -------- d-----w- c:\program files (x86)\Sierra

2012-09-30 16:55 . 2004-04-18 21:42 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll

2012-09-30 16:55 . 2004-04-18 21:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll

2012-09-30 16:55 . 2004-04-18 21:39 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll

2012-09-30 16:55 . 2004-04-18 21:39 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll

2012-09-30 16:55 . 2004-04-18 21:39 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe

2012-09-30 16:55 . 2012-09-30 16:55 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll

2012-09-30 16:55 . 2012-09-30 16:55 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll

2012-09-26 07:13 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-09-24 15:12 . 2012-09-24 15:12 -------- d-----w- C:\.jagex_cache_32

2012-09-23 21:57 . 2012-08-24 10:10 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-09-23 21:57 . 2012-08-24 10:09 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-09-23 21:57 . 2012-08-24 06:43 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-09-23 21:57 . 2012-08-24 07:34 140936 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll

2012-09-21 16:13 . 2012-09-21 16:13 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software

2012-09-21 16:12 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6EB400D-EE5C-4E55-9927-B18FCBA7BCEC}\mpengine.dll

2012-09-19 13:16 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-09-19 13:16 . 2012-09-19 13:16 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-09-19 13:16 . 2012-09-19 13:16 -------- d-----w- c:\program files\iTunes

2012-09-19 13:16 . 2012-09-19 13:16 -------- d-----w- c:\program files\iPod

2012-09-18 18:10 . 2012-09-18 18:10 -------- d-----w- c:\users\Enzo\AppData\Local\Adobe

2012-09-17 16:58 . 2012-09-17 16:58 56672 ----a-w- c:\windows\system32\drivers\avgidsha.sys

2012-09-15 20:12 . 2012-09-15 20:12 -------- d-----w- c:\users\Enzo\AppData\Roaming\AVG2013

2012-09-15 20:11 . 2012-09-15 20:11 -------- d-----w- c:\users\Enzo\AppData\Roaming\TuneUp Software

2012-09-15 20:11 . 2012-09-15 20:11 -------- d-----w- c:\users\Enzo\AppData\Local\AVG Secure Search

2012-09-15 20:11 . 2012-09-15 20:11 -------- d-----w- c:\programdata\AVG Secure Search

2012-09-15 20:11 . 2012-09-15 20:11 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2012-09-15 20:11 . 2012-09-15 20:11 -------- d-----w- c:\program files (x86)\AVG Secure Search

2012-09-15 20:11 . 2012-09-15 20:11 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-09-15 20:10 . 2012-09-15 20:11 -------- d-----w- c:\programdata\AVG2013

2012-09-15 20:10 . 2012-09-15 20:10 -------- d-----w- C:\$AVG

2012-09-15 20:10 . 2012-09-15 20:10 -------- d-----w- c:\program files (x86)\AVG

2012-09-15 20:03 . 2012-09-15 20:13 -------- d-----w- c:\users\Enzo\AppData\Local\Avg2013

2012-09-15 20:03 . 2012-09-15 20:03 -------- d-----w- c:\users\Enzo\AppData\Local\MFAData

2012-09-14 15:39 . 2012-09-29 18:36 -------- d-----w- c:\program files\CCleaner

2012-09-14 03:34 . 2012-09-14 03:34 105312 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2012-09-12 11:34 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-09-12 11:34 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll

2012-09-12 11:34 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll

2012-09-12 11:34 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys

2012-09-12 11:34 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-09-12 11:34 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-09-12 11:34 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-09-12 09:47 . 2012-09-12 09:47 199520 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2012-09-12 09:47 . 2012-09-12 09:47 175968 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2012-09-08 23:09 . 2012-09-08 23:09 -------- d-----w- c:\users\Enzo\AppData\Local\TechSmith

2012-09-08 23:08 . 2012-09-08 23:08 -------- d-----w- c:\users\Enzo\Aptana Rubles

2012-09-08 23:08 . 2012-09-08 23:09 -------- d-----w- c:\users\Enzo\AppData\Roaming\Titanium

2012-09-08 23:08 . 2012-09-08 23:08 -------- d-----w- c:\users\Enzo\.eclipse

2012-09-08 23:07 . 2012-09-08 23:07 -------- d-----w- c:\users\Enzo\AppData\Local\Titanium Studio

2012-09-08 23:07 . 2010-03-04 15:27 411480 ----a-w- c:\windows\SysWow64\tsccvid.dll

2012-09-08 23:07 . 2012-09-08 23:07 -------- d-----w- c:\windows\SysWow64\QuickTime

2012-09-08 23:07 . 2012-09-08 23:07 -------- d-----w- c:\programdata\TechSmith

2012-09-08 22:50 . 2012-09-08 22:54 -------- d-----w- c:\users\Enzo\AppData\Local\Temporary Projects

2012-09-08 22:48 . 2009-07-22 08:17 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

2012-09-08 22:48 . 2009-07-22 08:17 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

2012-09-08 22:48 . 2009-07-22 08:17 79896 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll

2012-09-08 22:48 . 2009-07-22 08:17 111640 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll

2012-09-08 22:47 . 2012-09-08 22:47 -------- d-----w- c:\windows\system32\RsFx

2012-09-08 22:47 . 2012-09-08 22:47 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0

2012-09-08 22:47 . 2012-09-08 22:47 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0

2012-09-08 22:47 . 2012-09-08 22:47 -------- d-----w- c:\windows\SysWow64\1033

2012-09-08 22:47 . 2012-09-08 22:47 -------- d-----w- c:\windows\system32\1033

2012-09-08 22:47 . 2012-09-08 22:47 -------- d-----w- c:\program files\Microsoft.NET

2012-09-08 22:45 . 2012-09-08 22:48 -------- d-----w- c:\program files\Microsoft SQL Server

2012-09-08 22:44 . 2012-09-08 22:47 -------- d-----w- c:\program files (x86)\Microsoft SQL Server

2012-09-08 22:44 . 2012-09-08 22:44 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services

2012-09-08 22:44 . 2012-09-09 20:45 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll

2012-09-08 22:43 . 2012-09-08 22:49 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0

2012-09-08 22:43 . 2012-09-08 22:43 -------- d-----w- c:\windows\symbols

2012-09-08 22:43 . 2012-09-08 22:43 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0

2012-09-08 22:43 . 2012-09-08 22:43 -------- d-----w- c:\program files\Microsoft Help Viewer

2012-09-08 22:43 . 2012-09-08 22:43 -------- d-----w- c:\program files (x86)\Microsoft SDKs

2012-09-08 22:17 . 2012-09-08 22:17 -------- d-----w- c:\program files\Common Files\DESIGNER

2012-09-08 22:16 . 2012-09-08 22:16 -------- d-----w- c:\program files\Microsoft Synchronization Services

2012-09-08 22:16 . 2012-09-08 22:16 -------- d-----w- c:\windows\PCHEALTH

2012-09-08 22:16 . 2012-09-08 22:16 -------- d-----w- c:\program files\Microsoft Sync Framework

2012-09-08 22:16 . 2012-09-08 22:16 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-09-08 22:15 . 2012-09-08 22:15 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8

2012-09-08 22:15 . 2012-09-08 22:15 -------- d-----w- c:\program files\Microsoft Analysis Services

2012-09-08 22:15 . 2012-09-08 22:15 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services

2012-09-08 22:15 . 2012-09-08 22:16 -------- d-----w- c:\program files\Microsoft Office

2012-09-08 22:14 . 2012-09-08 22:14 -------- d-----r- C:\MSOCache

2012-09-08 21:53 . 2012-09-08 21:53 -------- d-----w- c:\users\Enzo\AppData\Local\Microsoft Help

2012-09-08 21:53 . 2012-09-12 20:52 -------- d-----w- c:\programdata\Microsoft Help

2012-09-08 21:49 . 2011-06-15 08:30 93240 ----a-w- c:\windows\system32\drivers\scdemu.sys

2012-09-08 21:49 . 2012-09-08 21:49 -------- d-----w- c:\program files (x86)\PowerISO

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-21 17:02 . 2012-05-07 22:40 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-09-21 17:02 . 2011-12-01 21:26 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-07 15:04 . 2012-08-16 15:08 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-21 11:01 . 2012-08-16 15:35 125872 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-08-21 11:01 . 2012-08-16 15:35 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-08-16 23:38 . 2012-08-16 23:38 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin

2012-08-13 14:40 . 2012-08-13 14:40 150880 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2012-08-10 02:52 . 2012-08-10 02:52 40288 ----a-w- c:\windows\system32\drivers\avgrkx64.sys

2012-08-09 11:56 . 2012-08-09 11:56 230240 ----a-w- c:\windows\system32\drivers\avgloga.sys

2012-07-18 18:15 . 2012-08-18 08:22 3148800 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-09-15 20:11 1734240 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll" [2012-09-15 1734240]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-10-03 1398680]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-16 1353080]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]

"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-09-14 3039352]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-09-15 947808]

"ROC_ROC_NT"="c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe" [2012-09-15 856160]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WiFi Station.lnk - c:\program files (x86)\Hercules\WiFi Station\WiFiStation.exe [2012-8-16 99624]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2013\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-08-20 5751928]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 136176]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 136176]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1255736]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]

R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-09-17 56672]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-08-09 230240]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-08-10 40288]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-08-13 150880]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-09-12 175968]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-09-14 105312]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-12 199520]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-15 31080]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-08-20 184304]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]

S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-03-28 363800]

S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-09-15 722528]

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-08-01 129000]

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-08-01 391144]

S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECIx64.sys [2011-11-09 60184]

S3 netr7364;Hercules USB Wireless LAN Card Driver for Windows 7;c:\windows\system32\DRIVERS\netr7364.sys [2009-05-24 626176]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - 20995910

*Deregistered* - 20995910

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 17:02]

.

2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 14:40]

.

2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 14:40]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-13 12452968]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ChromeHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ChromeHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ChromeHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ChromeHTML"

.

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ChromeHTML"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-10-07 23:46:41

ComboFix-quarantined-files.txt 2012-10-07 21:46

.

Pre-Run: 768.169.910.272 bytes beschikbaar

Post-Run: 768.036.085.760 bytes beschikbaar

.

- - End Of File - - ED1AC388B995F4F1CF9FBEED479169D4

[kape]

Download de Emsisoft Emergency Kit naar het bureaublad en pak het ZIP bestand uit.

• Open de map "EmsisoftEmergencyKit" en dubbelklik op "Start.exe"
  
• Klik nu op "Emergency Kit Scanner" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "Ja"
  
  
• Als de update gereed is en de melding "Update process is succesvol afgerond" verschijnt klikt u op "menu" en dan op "Scan PC"
  
• Selecteer de optie "Diep" als deze niet standaard al zo is ingesteld.
  
• Klik Nu op de knop "Scan" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
  
• Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.
  
• Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "verwijder geselecteerde" u zal nu de volgende melding krijgen maar klik hier op "Ja"
  
  
• Als het verwijderen gereed is klikt u op de knop "View report" en selecteert u het tekstbestand van deze scan met de naam zoals: a2scan_110730-111615.txt
  
• Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
  
• Herstart nu de computer.
  

[EnzoD]

Hij vond niets en Mbam blijft zeggen dat hij 2 objecten heeft gedetecteerd=/

Emsisoft Emergency Kit - Versie 2.0

Laatste Update: 8/10/2012 17:24:20

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, D:\

Scan archieven: Aan

ADS Scan: Aan

Scan gestart: 8/10/2012 17:24:59

Gescand 595778

Gevonden 0

Scan geëindigd: 8/10/2012 17:42:04

Scantijd: 0:17:05

[kape]

Zet dat logje van Malwarebytes (met de foutmeldingen) dan eens in een volgende bericht.