Ga naar inhoud

Werfault.exe

CorrieL

Door CorrieL
in Archief Windows Algemeen

 Delen

Aanbevolen berichten

kape Grootmeester

kape

Geplaatst:
Geplaatst:

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Link naar reactie
Delen op andere sites
CorrieL Groentje

CorrieL

Geplaatst:
  • Auteur
Geplaatst:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Rob en Corrie at 2013-10-20 16:36:30

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 126 GB (62%) free of 202 GB

Total RAM: 6055 MB (85% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

C:\Windows\System32\svchost.exe -k secsvcs

ctfmon.exe

"C:\Windows\explorer.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="1468.1.448820345\679227957" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --disable-html-notifications --disable-webgl --disable-pepper-3d --disable-gl-multisampling --disable-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-video-decode --channel="1468.2.409203038\2082821605" /prefetch:673131151

"C:\Users\Rob en Corrie\Downloads\RSITx64 (6).exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\ASUS SmartLogon Console Sensor.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\Scheduled scanning task.job

C:\Windows\tasks\SLOW-PCfighter64-Rob en Corrie-Notification.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]

Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-10-16 651968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]

Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-10-16 1067712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-07-27 545264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]

Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-10-16 512192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-07-27 193520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-10-16 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{215BA832-75A3-426E-A4FC-7C5B58CE6A10}]

Kaspersky Passsword Manager Toolbar - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll [2013-10-16 2396480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]

Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-10-16 536256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]

Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-10-16 880320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]

CIESpeechBHO Class - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll [2010-11-26 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]

Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2013-10-16 426176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]

Browsing Protection Class - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll [2013-09-10 555968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2013-10-16 485568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll [2013-09-10 555968]

{215BA832-75A3-426E-A4FC-7C5B58CE6A10} - Kaspersky Passsword Manager Toolbar - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll [2013-10-16 2396480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-10-13 2168424]

"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-05-03 324096]

"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]

"PAC7311_Monitor"=C:\Windows\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]

"fssui"=C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [2012-03-08 884584]

"AtherosBtStack"=C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe [2010-11-26 613536]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]

"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2010-11-03 10228224]

"snp2uvc"=C:\Windows\vsnp2uvc.exe [2010-01-21 909824]

"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]

"AthBtTray"=C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe [2010-11-26 379040]

"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]

"MsmqIntCert"=regsvr32 /s mqrt.dll []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]

"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-03-22 248208]

"MyTomTomSA.exe"=C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [2013-05-23 455608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-13 11485800]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"SonicMasterTray"=C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [2010-07-10 984400]

"FLxHCIm"=C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [2011-01-21 40448]

"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]

"VAWinAgent"=C:\ExpressGateUtil\VAWinAgent.exe [2011-01-17 191304]

"RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]

"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-12 75048]

"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2010-11-25 222504]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"CommonToolkitTray"=C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [2013-02-13 1425952]

"sfagent"=C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [2011-12-20 1197704]

"F-Secure TNB"=C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe [2011-08-23 1655464]

"F-Secure Manager"=C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE [2009-11-18 201128]

"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2011-04-23 3058304]

"KPN Assistent"=C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe [2013-06-12 38142582]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720]

"MFARestart"=C:\ProgramData\MFAData\pack\avgrunasx.exe [2013-08-20 287792]

"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-10-16 356128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=0

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"mixer2"=wdmaud.drv

"midi2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-20 16:36:30 ----D---- C:\Program Files\trend micro

2013-10-16 17:03:41 ----D---- C:\rsit

2013-10-16 12:09:48 ----A---- C:\Windows\system32\klfphc.dll

2013-10-16 12:08:58 ----A---- C:\Windows\system32\drivers\CSVirtualDiskDrv.sys

2013-10-16 12:08:56 ----A---- C:\Windows\system32\drivers\CSCrySec.sys

2013-10-16 12:08:20 ----D---- C:\Windows\ELAMBKUP

2013-10-16 12:08:13 ----D---- C:\Program Files (x86)\Kaspersky Lab

2013-10-16 12:07:51 ----A---- C:\Windows\system32\drivers\klif.sys

2013-10-16 12:07:51 ----A---- C:\Windows\system32\drivers\klflt.sys

2013-10-15 21:46:29 ----D---- C:\ProgramData\Kaspersky Lab

2013-10-15 20:45:32 ----A---- C:\Windows\system32\iisRtl.dll

2013-10-15 20:45:30 ----A---- C:\Windows\SYSWOW64\iisRtl.dll

2013-10-15 20:45:30 ----A---- C:\Windows\system32\admwprox.dll

2013-10-15 20:45:29 ----A---- C:\Windows\SYSWOW64\admwprox.dll

2013-10-15 20:45:27 ----A---- C:\Windows\SYSWOW64\iisreset.exe

2013-10-15 20:45:27 ----A---- C:\Windows\system32\iisreset.exe

2013-10-15 20:45:27 ----A---- C:\Windows\system32\ahadmin.dll

2013-10-15 20:45:26 ----A---- C:\Windows\SYSWOW64\wamregps.dll

2013-10-15 20:45:26 ----A---- C:\Windows\SYSWOW64\ahadmin.dll

2013-10-15 20:45:26 ----A---- C:\Windows\system32\wamregps.dll

2013-10-15 20:45:25 ----A---- C:\Windows\SYSWOW64\iisrstap.dll

2013-10-15 20:45:25 ----A---- C:\Windows\system32\iisrstap.dll

2013-10-15 20:14:42 ----D---- C:\Windows\SYSWOW64\BestPractices

2013-10-15 20:14:38 ----D---- C:\Windows\system32\msmq

2013-10-15 20:14:38 ----D---- C:\Windows\system32\BestPractices

2013-10-15 20:14:32 ----D---- C:\inetpub

2013-10-14 21:26:35 ----N---- C:\bootsqm.dat

2013-10-12 21:16:12 ----D---- C:\Program Files (x86)\AVG

2013-10-12 21:07:27 ----HD---- C:\ProgramData\Common Files

2013-10-12 21:07:27 ----D---- C:\ProgramData\MFAData

2013-10-12 17:59:45 ----D---- C:\Users\Rob en Corrie\AppData\Roaming\Agics

2013-10-12 17:46:28 ----D---- C:\Users\Rob en Corrie\AppData\Roaming\ParetoLogic

2013-10-12 17:46:28 ----D---- C:\Users\Rob en Corrie\AppData\Roaming\DriverCure

2013-10-12 17:46:19 ----D---- C:\ProgramData\ParetoLogic

2013-10-11 22:07:20 ----A---- C:\Windows\ntbtlog.txt

2013-10-10 22:40:27 ----D---- C:\Program Files (x86)\Vittalia

2013-10-09 16:01:01 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-10-09 16:01:01 ----A---- C:\Windows\system32\ieui.dll

2013-10-09 16:01:00 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-10-09 16:01:00 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-10-09 16:01:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-10-09 16:01:00 ----A---- C:\Windows\system32\iesetup.dll

2013-10-09 16:01:00 ----A---- C:\Windows\system32\iernonce.dll

2013-10-09 16:00:59 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-10-09 16:00:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-10-09 16:00:59 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-09 16:00:59 ----A---- C:\Windows\system32\iesysprep.dll

2013-10-09 16:00:59 ----A---- C:\Windows\system32\ie4uinit.exe

2013-10-09 16:00:58 ----A---- C:\Windows\system32\iertutil.dll

2013-10-09 16:00:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-10-09 16:00:57 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-09 16:00:56 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-10-09 16:00:56 ----A---- C:\Windows\system32\jscript.dll

2013-10-09 16:00:55 ----A---- C:\Windows\system32\jscript9.dll

2013-10-09 16:00:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-10-09 16:00:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-10-09 16:00:53 ----A---- C:\Windows\system32\urlmon.dll

2013-10-09 16:00:52 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-10-09 16:00:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-10-09 16:00:52 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-09 16:00:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-10-09 16:00:51 ----A---- C:\Windows\system32\wininet.dll

2013-10-09 16:00:50 ----A---- C:\Windows\system32\ieframe.dll

2013-10-09 16:00:49 ----A---- C:\Windows\system32\mshtml.dll

2013-10-09 16:00:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-10-09 15:28:23 ----A---- C:\Windows\system32\comctl32.dll

2013-10-09 15:28:22 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-10-09 15:28:13 ----A---- C:\Windows\SYSWOW64\lpk.dll

2013-10-09 15:28:13 ----A---- C:\Windows\SYSWOW64\dciman32.dll

2013-10-09 15:28:13 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-10-09 15:28:13 ----A---- C:\Windows\system32\lpk.dll

2013-10-09 15:28:13 ----A---- C:\Windows\system32\dciman32.dll

2013-10-09 15:28:13 ----A---- C:\Windows\system32\atmfd.dll

2013-10-09 15:28:12 ----A---- C:\Windows\SYSWOW64\fontsub.dll

2013-10-09 15:28:12 ----A---- C:\Windows\system32\fontsub.dll

2013-10-09 15:28:11 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-10-09 15:28:11 ----A---- C:\Windows\system32\atmlib.dll

2013-10-09 15:28:09 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-09 15:28:06 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2013-10-09 15:28:06 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-10-09 15:28:06 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys

2013-10-09 15:28:04 ----A---- C:\Windows\system32\drivers\usbscan.sys

2013-10-09 15:28:04 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-09 15:28:04 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-10-09 15:27:49 ----A---- C:\Windows\SYSWOW64\WebClnt.dll

2013-10-09 15:27:49 ----A---- C:\Windows\system32\WebClnt.dll

2013-10-09 15:27:49 ----A---- C:\Windows\system32\davclnt.dll

2013-10-09 15:27:48 ----A---- C:\Windows\SYSWOW64\davclnt.dll

2013-10-09 15:27:48 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-10-09 15:27:43 ----A---- C:\Windows\system32\mswsock.dll

2013-10-09 15:27:43 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-10-09 15:27:42 ----A---- C:\Windows\system32\drivers\afd.sys

2013-10-09 15:27:41 ----A---- C:\Windows\SYSWOW64\mswsock.dll

2013-10-09 15:27:38 ----A---- C:\Windows\system32\win32k.sys

2013-10-09 15:27:10 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-10-09 15:27:09 ----A---- C:\Windows\system32\advapi32.dll

2013-10-09 15:27:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-10-09 15:27:05 ----A---- C:\Windows\system32\tdh.dll

2013-10-09 15:27:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-10-09 15:27:03 ----A---- C:\Windows\SYSWOW64\tdh.dll

2013-10-09 15:27:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2013-10-09 15:27:01 ----A---- C:\Windows\system32\ntdll.dll

2013-10-09 15:27:00 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-10-09 15:27:00 ----A---- C:\Windows\system32\wow64.dll

2013-10-09 15:26:51 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-10-09 15:26:51 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-10-09 15:26:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-10-09 15:26:51 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-10-09 15:26:50 ----A---- C:\Windows\SYSWOW64\user.exe

2013-10-09 15:26:26 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 15:26:26 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 15:26:24 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-09 15:26:19 ----A---- C:\Windows\system32\scavengeui.dll

2013-10-09 15:26:08 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-10-09 15:26:08 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-09 15:26:08 ----A---- C:\Windows\system32\drivers\usbohci.sys

2013-10-09 15:26:08 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-09 15:26:08 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-09 15:26:08 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-09 15:26:08 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-02 14:04:47 ----A---- C:\Windows\system32\drivers\RapportKE64.sys

2013-10-02 14:03:54 ----D---- C:\Program Files (x86)\Trusteer

======List of files/folders modified in the last 1 month======

2013-10-20 16:36:30 ----RD---- C:\Program Files

2013-10-20 16:36:30 ----D---- C:\Windows\Temp

2013-10-20 16:26:36 ----D---- C:\Windows\system32\inetsrv

2013-10-20 16:26:34 ----D---- C:\Windows\system32\config

2013-10-19 18:51:01 ----SHD---- C:\Windows\Installer

2013-10-19 18:48:55 ----D---- C:\Windows\system32\Tasks

2013-10-19 18:46:47 ----D---- C:\Windows\system32\drivers

2013-10-19 17:47:28 ----D---- C:\Windows\registration

2013-10-19 17:42:15 ----SD---- C:\Users\Rob en Corrie\AppData\Roaming\Microsoft

2013-10-17 19:32:42 ----D---- C:\Windows\Prefetch

2013-10-16 21:04:14 ----D---- C:\Windows

2013-10-16 21:01:45 ----D---- C:\Windows\Tasks

2013-10-16 20:49:53 ----D---- C:\Windows\SysWOW64

2013-10-16 20:49:53 ----D---- C:\Windows\System32

2013-10-16 16:16:34 ----SHD---- C:\$Recycle.Bin

2013-10-16 16:16:11 ----D---- C:\Windows\SYSWOW64\NV

2013-10-16 16:16:11 ----D---- C:\Windows\system32\NV

2013-10-16 16:16:10 ----D---- C:\ProgramData\NVIDIA

2013-10-16 15:47:47 ----D---- C:\Temp

2013-10-16 15:45:18 ----D---- C:\Program Files\NVIDIA Corporation

2013-10-16 14:11:56 ----D---- C:\ProgramData\Skype

2013-10-16 13:44:22 ----A---- C:\Windows\system32\AutoRunFilter.ini

2013-10-16 13:10:15 ----A---- C:\Windows\system32\ServiceFilter.ini

2013-10-16 13:07:25 ----SHD---- C:\System Volume Information

2013-10-16 13:07:14 ----D---- C:\Windows\system32\catroot

2013-10-16 12:09:45 ----D---- C:\Windows\inf

2013-10-16 12:09:44 ----D---- C:\Windows\system32\DriverStore

2013-10-16 12:08:58 ----DC---- C:\Windows\system32\DRVSTORE

2013-10-16 12:08:15 ----D---- C:\Program Files (x86)\Common Files

2013-10-16 12:08:13 ----D---- C:\Program Files (x86)

2013-10-16 11:43:11 ----D---- C:\ProgramData

2013-10-15 21:55:04 ----RSD---- C:\Windows\assembly

2013-10-15 21:55:04 ----D---- C:\Windows\Microsoft.NET

2013-10-15 21:14:54 ----D---- C:\Windows\winsxs

2013-10-15 21:12:46 ----D---- C:\Windows\SYSWOW64\migration

2013-10-15 21:12:46 ----D---- C:\Windows\SYSWOW64\inetsrv

2013-10-15 21:12:45 ----D---- C:\Windows\system32\migration

2013-10-15 20:55:00 ----D---- C:\ProgramData\Adobe

2013-10-15 20:48:30 ----D---- C:\Users\Rob en Corrie\AppData\Roaming\SoftGrid Client

2013-10-15 20:45:18 ----D---- C:\Windows\system32\catroot2

2013-10-15 20:16:48 ----RD---- C:\Users

2013-10-15 20:16:46 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-10-15 20:16:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-10-15 20:14:42 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-10-15 20:14:42 ----D---- C:\Program Files\Common Files\Microsoft Shared

2013-10-15 20:14:38 ----D---- C:\Windows\system32\wbem

2013-10-15 20:14:38 ----D---- C:\Windows\system32\nl-NL

2013-10-15 20:14:38 ----D---- C:\Windows\system32\drivers\etc

2013-10-15 20:14:38 ----D---- C:\Windows\system32\0413

2013-10-15 20:14:38 ----D---- C:\Windows\PolicyDefinitions

2013-10-14 19:20:45 ----A---- C:\Windows\system32\acovcnt.exe

2013-10-12 22:55:06 ----D---- C:\Windows\system32\wfp

2013-10-12 22:55:06 ----D---- C:\Windows\ASUS

2013-10-12 22:55:04 ----D---- C:\Windows\system32\CodeIntegrity

2013-10-12 22:55:02 ----D---- C:\Windows\Setup

2013-10-12 22:55:02 ----D---- C:\ProgramData\P4G

2013-10-12 22:55:01 ----HD---- C:\ExpressGateUtil

2013-10-12 22:55:00 ----D---- C:\Program Files\Google

2013-10-12 22:54:40 ----D---- C:\Program Files (x86)\Google

2013-10-12 21:05:06 ----D---- C:\Windows\system32\NDF

2013-10-12 20:54:03 ----D---- C:\Windows\system32\wdi

2013-10-12 18:56:56 ----D---- C:\Users\Rob en Corrie\AppData\Roaming\HTC Sync

2013-10-12 14:06:40 ----D---- C:\Users\Rob en Corrie\AppData\Roaming\Dropbox

2013-10-11 22:21:14 ----D---- C:\Windows\system32\LogFiles

2013-10-11 21:30:17 ----D---- C:\ProgramData\Google

2013-10-11 21:25:52 ----D---- C:\Windows\Panther

2013-10-11 21:25:52 ----D---- C:\Windows\ModemLogs

2013-10-11 21:25:51 ----D---- C:\Windows\Minidump

2013-10-11 21:25:51 ----D---- C:\Windows\Logs

2013-10-11 21:25:51 ----D---- C:\Windows\debug

2013-10-09 18:48:50 ----D---- C:\Program Files (x86)\Internet Explorer

2013-10-09 18:48:40 ----D---- C:\Program Files\Internet Explorer

2013-10-09 18:48:25 ----D---- C:\Windows\AppPatch

2013-10-09 18:46:48 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-09 18:46:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-09 15:52:47 ----D---- C:\Windows\system32\MRT

2013-10-09 15:50:49 ----A---- C:\Windows\system32\MRT.exe

2013-10-09 15:19:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2013-09-23 14:00:04 ----D---- C:\Windows\system32\Macromed

2013-09-23 14:00:04 ----D---- C:\Windows\system32\drivers\UMDF

2013-09-23 13:59:34 ----RHD---- C:\MSOCache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2011-06-02 84536]

R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2012-08-15 56016]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-14 437272]

R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-10-16 7717984]

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]

R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-10-16 54368]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]

R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]

R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2011-01-21 161280]

R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2011-01-21 50176]

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

S0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2013-09-10 295696]

S1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2011-06-02 66616]

S1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\PC Veilig\HIPS\drivers\fshs.sys [2009-11-18 59784]

S1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-08-23 50384]

S1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2009-11-18 94024]

S1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2009-11-18 16768]

S1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-10-16 626272]

S1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-10-16 178448]

S1 RapportCerberus_56758;RapportCerberus_56758; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [2013-10-02 589872]

S1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-09-10 265872]

S1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-09-10 384432]

S2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]

S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]

S2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]

S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]

S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]

S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]

S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]

S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2010-11-04 58128]

S3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2013-07-10 202176]

S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]

S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]

S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-10-13 2515432]

S3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

S3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-16 29280]

S3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-16 29280]

S3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 189440]

S3 PAC7311;Trust WB-3400T Webcam; C:\Windows\system32\DRIVERS\PA707UCM.SYS [2007-03-14 524800]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

S3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

S3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

S3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

S3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2010-09-07 1800832]

S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 40616]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]

S2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]

S2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-25 151552]

S2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]

S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]

S2 AVP;Kaspersky Anti-Virus-service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-10-16 356128]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-03 983104]

S2 CDMA Device Service;CDMA Device Service; C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-08-02 159232]

S2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]

S2 CLKMSVC10_38F51D56;CyberLink Product - 2011/04/23 12:59:39; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-13 241648]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 CSObjectsSrv;CryptoStorage control service; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]

S2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

S2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe [2009-11-18 221608]

S2 FSMA;F-Secure Management Agent; C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE [2009-11-18 188840]

S2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 136176]

S2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-12-12 87368]

S2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2010-11-20 15872]

S2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 9216]

S2 MSMQTriggers;@mqutil.dll,-6203; C:\Windows\system32\mqtgsvc.exe [2010-11-20 189440]

S2 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]

S2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]

S2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-09-10 1435928]

S2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

S2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]

S2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2010-11-20 49664]

S2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [2011-12-20 215688]

S2 Suite Service;Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [2011-12-13 1324680]

S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]

S2 TurboBoost;Intel® Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]

S3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe [2009-11-18 846248]

S3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe [2013-06-05 60352]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 136176]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-11 194032]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]

S3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

-----------------EOF-----------------

Dit is gedaan in de veilige modus, anders was het onmogelijk dit uit te voeren, omdat pc steeds met werfault fout komt en alles afsluit. Hoop dat jullie hier wat aan hebben.

Link naar reactie
Delen op andere sites
CorrieL Groentje

CorrieL

Geplaatst:
  • Auteur
Geplaatst:

Het heeft heel wat voeten in de aarde gehad, om het bestand werfault.exe te vinden, omdat verkenner het niet doet. Bij alle zoek acties krijg ik de foutmelding dat verkenner het niet doet en slaat de pc vast. Na heel wat keertjes opnieuw opstarten heb ik uiteindelijk in de veilige modus bij systeembeheer een zoekactie op de c-schijf kunnen uitvoeren naar werfault.exe. Er kwamen heel veel regels op verschillende locaties te voorschijn. Een daarvan was inderdaad C:\Windows\System32, maar zoals ik al zei, nog heel veel regels meer. In een stuk of 8 van die regels stond vooraan de regel een monitor afgebeeld, met daarin een gele driehoek en een uitroepteken daarin met daar doorheen een groene V.

Ik hoop dat je hier wat mee kan.

Link naar reactie
Delen op andere sites
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.