Start page: about:blank

  • Willem

    Dear readers and experts,

    My antivirus program, Bitdefender, reported that there was some junk and a trojan on the PC and could not remove everything.

    All this happened after I had copied some old backups from DVD to the E drive.

    I scanned with various programs: Adaware found 17 problems and was able to fix 16 of them, Spybot fixed 1 problem, and I don't actually notice any problem on the computer, except that the start page changes to "about: blank" every time.

    No matter how often I set my start page back to "google.nl", every time I close the internet browser and start it again it says about: blank again. I am not panicking yet, but I do have the feeling that something is not right. To be on the safe side I made a HijackThis log, and now I will wait and see whether one of you can put me out of my misery.

    Kind regards,

    Willem

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 3:47:04, on 22-5-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\AVG Secure Search\vprot.exe

    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

    C:\Program Files\Bitdefender\Bitdefender 2012\antispam32\bdimguiaux.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe

    C:\Users\Willem\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

    O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Smart File Advisor\sfa.exe” /checkassoc

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\vprot.exe”

    O4 - HKLM\..\Run: “C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe”

    O4 - HKLM\..\RunOnce: %WINDIR%\SMINST\VistaLauncher.exe

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-21-4143939538-3833764649-2899497851-1004\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-4143939538-3833764649-2899497851-1004\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra ‘Tools’ menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab

    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.myheritage.com/FP/ImageUploader/ImageUploader5.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll

    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe

    O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

    O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

    O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe

    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe

    O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe

    O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: BitDefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe

    O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 14700 bytes

  • Ben

    Hello Willem,

    Carry out the following steps:

    1. You have several virus scanners on your PC:

    AVG

    Bitdefender 2012

    Remove the ones you do not use.

    Remove the following programs again, because they slow down your PC.

    2. Click Start > (Settings) > Control Panel > Uninstall a program:

    Adaware

    Spybot-S&D

    3. First put HijackThis in a folder of its own, e.g. C:\Hijack This. HijackThis makes backups, and you may still need them in the future.

    Start HijackThis:

    Right-click the HijackThis program and choose "Run as administrator".

    Choose 'Do a system scan only'.

    Select all the lines listed below.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)

    Close all open windows (except HijackThis), then click Fix checked and confirm by clicking Yes in the next screen.

    4. Restart your PC.

    5. Download MalwareBytes' Anti-Malware and save it to your desktop.

    Double-click mbam-setup.exe to install the program.

    Make sure that after the installation a check mark is placed next to:

    • Update MalwareBytes' Anti-Malware

    • Start MalwareBytes' Anti-Malware

    Then click "Finish".

    If an update is found, it will be downloaded and installed.

    A pop-up window will appear asking whether you want to evaluate MBAM.

    Click "Decline" here.

    • Once the program has started, go to the "Settings" tab.

    • Tick here: "Close Internet Explorer during malware removal".

    • Then go to the "Scanner" tab and choose "Quick Scan".

    • Then press "Scan" to start the scan.

    • The scan may take a while, so be patient.

    • When the scan is complete, click OK, then "Show Results" to see the results.

    • Make sure everything is ticked there, then click "Remove Selected".

    • After the removal a log will open and you will be asked to restart the computer.

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.

    6. After that, post the MBAM log and a new HijackThis log.

    Regards, Ben

    Antivirusprikbord

  • Willem

    Hello Ben,

    Things went slightly differently from what you asked me to do. After posting my topic I carried on looking for a solution on my own; maybe not too smart, but I took the gamble. After all, I have a backup ready in case it really went completely wrong.

    To begin with, I downloaded the drastic remedy Combofix and let it do its work. Combofix found and removed a few things.

    After that it briefly seemed as if my PC no longer worked at all. I could not start the internet, nor my email program, so I just went to bed. Today I started the PC again and everything worked fine again. I carried out steps 1 and 2, then downloaded MBAM and also a trial version of Gdata antivirus. Gdata did indeed find 3 viruses on the E drive, and these have since been removed. Then another scan, and the PC was clean again. I also let MBAM do its work, and below I will post a log file from both MBAM and HijackThis. I think things already look a good deal better, but I would rather leave that judgment to you.

    Regards, Willem.

    MBAM log:

    Malwarebytes Anti-Malware 1.61.0.1400

    www.malwarebytes.org

    Databaseversie: v2012.05.22.01

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Willem :: WILLEM-PC

    23-5-2012 0:37:42

    mbam-log-2012-05-23 (00-37-42).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 244589

    Verstreken tijd: 4 minuut/minuten, 25 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    and the HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 0:29:29, on 23-5-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\AVG Secure Search\vprot.exe

    C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

    C:\Windows\SysWOW64\DllHost.exe

    C:\Users\Willem\Desktop\hijackthismap\HijackThis.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Windows\SysWOW64\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll

    O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

    O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Smart File Advisor\sfa.exe” /checkassoc

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\vprot.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

    O4 - HKLM\..\RunOnce: %WINDIR%\SMINST\VistaLauncher.exe

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    O4 - HKUS\S-1-5-21-4143939538-3833764649-2899497851-1004\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-4143939538-3833764649-2899497851-1004\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra ‘Tools’ menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab

    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.myheritage.com/FP/ImageUploader/ImageUploader5.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll

    O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe

    O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe

    O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

    O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

    O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe

    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

    O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 13809 bytes

  • Ben

    Hello Willem,

    It is and remains your PC, so you are free to do with it what you want.

    But it is and remains important that you follow a kind of step-by-step plan before you start using a tool such as ComboFix.

    ComboFix is not a cure-all, as many people think, and after ComboFix something usually still needs to be done.

    If you keep using G Data, remove AVG, because two virus scanners work against each other.

    I no longer see anything bad in your HijackThis log.

    If you still have the ComboFix log, please post it so I can take a look at it!

    Regards, Ben

    http://members.home.nl/karin11/Avatars/Dieren/14.JPG

    Antivirusprikbord

  • Willem

    Hi, my antivirus program blocked the above-mentioned site because of a virus… It shouldn't get any crazier.

    I have now looked for a safe site where I could upload my log file, namely: http://www.mijnbestand.nl/Bestand-R7JVIIRIAMAP.txt

    Regards,

    Willem

  • Ben

    Hello Willem,

    (This is what I mean :D )

    * IMPORTANT !!! Save ComboFix.exe to your Desktop, but do not start it yet.

    Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

    Open Notepad.

    Copy and paste the following (bold, blue text) into an empty window:

    Dirlook::

    C:\Windows\System32\%APPDATA%

    Save this to your Desktop as CFScript.txt.

    Drag CFScript.txt onto ComboFix.exe as shown in the example below:

    This will make ComboFix restart.

    After your computer restarts (if it asks to restart), copy and paste the contents of Combofix.txt into your next reply.

    In two parts if necessary.

    Which virus scanner are you keeping now? (I don't see an active one)

    Regards, Ben

    Antivirusprikbord.nl

  • Willem

    Hello Ben, I followed your steps. It is again such an enormously large log, so I uploaded it after all; I hope you don't mind.

    Regards,

    Willem

    http://www.mijnbestand.nl/Bestand-SU3848P6YOQD.txt

    Here, though, is a HijackThis log from just now:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 23:44:47, on 23-5-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\AVG Secure Search\vprot.exe

    C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Users\Willem\Desktop\hijackthismap\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll

    O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Smart File Advisor\sfa.exe” /checkassoc

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\vprot.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

    O4 - HKLM\..\RunOnce: %WINDIR%\SMINST\VistaLauncher.exe

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKUS\S-1-5-21-4143939538-3833764649-2899497851-1004\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-4143939538-3833764649-2899497851-1004\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra ‘Tools’ menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab

    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.myheritage.com/FP/ImageUploader/ImageUploader5.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll

    O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe

    O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe

    O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

    O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

    O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe

    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

    O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 14076 bytes
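Added example, not part of Willem's post or of HijackThis itself: a small Python parser for the log format shown above. It reports the Start Page value per registry hive and separates "(file missing)" service entries under system32, which a 32-bit scanner on 64-bit Windows sees through WOW64 redirection to SysWOW64, from those elsewhere. The function names and the ExampleSvc line are assumptions made for illustration.

```python
import re

# Lines copied from the HijackThis log in the post above, plus one
# constructed entry (ExampleSvc) to exercise the non-system32 case.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: ExampleSvc - Unknown owner - C:\Program Files (x86)\Example\svc.exe (file missing)
"""

# "<section code> - <body>", e.g. "R0 - ..." or "O23 - ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
# R0/R1 body: "<hive>\<key>,<value name> = <data>" (data may be empty)
REG_RE = re.compile(
    r"^(?P<hive>HK[A-Z]+)\\(?P<key>[^,]+),(?P<value>[^=]+?)\s*=\s*(?P<data>.*)$"
)
# O23 body: "Service: <name> - <owner> - <path>[ (file missing)]"
SERVICE_RE = re.compile(
    r"^Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+?)"
    r"(?P<missing> \(file missing\))?$"
)


def parse_log(text):
    """Return one dict per R*/O* entry; header and process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        entry = {"code": m["code"], "body": m["body"]}
        if entry["code"] in ("R0", "R1"):
            reg = REG_RE.match(entry["body"])
            if reg:
                entry.update(reg.groupdict())
        elif entry["code"] == "O23":
            svc = SERVICE_RE.match(entry["body"])
            if svc:
                entry.update(
                    name=svc["name"],
                    owner=svc["owner"],
                    path=svc["path"],
                    missing=svc["missing"] is not None,
                )
        entries.append(entry)
    return entries


def start_pages(entries):
    """Map registry hive -> Internet Explorer 'Start Page' data."""
    pages = {}
    for e in entries:
        key = e.get("key", "").lower()
        if e.get("value") == "Start Page" and key.endswith(r"internet explorer\main"):
            pages[e["hive"]] = e["data"]
    return pages


def hives_disagree(pages):
    """True when more than one hive sets a Start Page and the values differ."""
    return len(set(pages.values())) > 1


def triage_missing(entries, windir=r"C:\Windows"):
    """Split '(file missing)' services into (under system32, elsewhere).

    Paths under system32 are candidates for WOW64 redirection artifacts in a
    32-bit scan, not proof that the file is gone; the rest deserve a look first.
    """
    sys32 = (windir + r"\system32" + "\\").lower()
    under_sys32, elsewhere = [], []
    for e in entries:
        if e["code"] == "O23" and e.get("missing"):
            bucket = under_sys32 if e["path"].lower().startswith(sys32) else elsewhere
            bucket.append(e["path"])
    return under_sys32, elsewhere


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    pages = start_pages(parsed)
    print("Start Page per hive:", pages)
    print("Hives disagree:", hives_disagree(pages))
    sys32_missing, other_missing = triage_missing(parsed)
    print("Missing under system32:", sys32_missing)
    print("Missing elsewhere:", other_missing)
```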

  • Ben

    Hello Willem,

    Open Notepad.

    Copy the text below (bold, blue text) into the Notepad window.

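    @ECHO OFF

    REM In a batch file %% is a literal %, so %%APPDA~1 is the short (8.3) name of the folder literally named %APPDATA%.

    REM Clear the read-only, system and hidden attributes on the folder and everything in it.

    attrib -r -s -h "C:\WINDOWS\system32\%%APPDA~1\*" /S /D

    attrib -r -s -h "C:\WINDOWS\system32\%%APPDA~1" /S /D

    REM Rename the folder to a plain name, then remove it with all its contents.

    ren "C:\WINDOWS\system32\%%APPDA~1" appdata

    RD /S /Q C:\WINDOWS\system32\appdata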

    Choose Save As: fix.bat on your Desktop.

    Save as type: All files

    Right-click Fix.bat and choose "Run as administrator".

    Post the log this creates in your reply later.

    The following program can cause serious damage if you do not use it properly.

    So read the instructions thoroughly.

    Download TDSSKiller and save it to your Desktop.

    • Extract the files in tdsskiller.zip.

    • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

    Windows 7 and Windows Vista users:

    Right-click TDSSKiller.exe -> Run as administrator to start the tool.

    If TDSSKiller reports that an update is available, run it first.

    • A new version of TDSSKiller will now be downloaded; save it to your Desktop.

    • Start TDSSKiller again.

    • Click "Change parameters" and make sure the options below are all checked.

    • Click the "Start Scan" button and follow the instructions.

    Note!

    If "Threats" are found, a follow-up screen appears automatically after the scan.

    For a "Fail signature" message you do not need to take any action. (Use Skip.)

    By default, Skip is filled in for a "Suspicious object". Leave this action as it is. If necessary, we will tell you later what to do with it.

    For a "Malicious object", the action Cure or Delete is filled in automatically.

    Always choose Cure here. If that is not possible, select Skip.

    Only for a "TDSS File System" do you choose Delete if Cure is not possible.

    If you do not know what to fill in, use Skip and wait for our advice before you delete anything.

    Now click Continue to proceed.

    • When the scan is finished, click the "Report" button.

    • A Notepad file opens. Post the contents of this file.

    Restart the PC if TDSSKiller offers that option. (Reboot now)

    If a restart was needed, you will find the log file at C:\TDSSKiller.___log.txt

    Now post the logs that were created.

    Regards, Ben

    Antivirusprikbord.nl

  • Willem

    Hello Ben,

    What on earth is going on in my computer? By the way, I am now using G Data antivirus; I don't know why you can't find it, it is simply turned on and indicates that everything is in order. I followed your steps again; the report is below.

    Regards, Willem

    11:44:27.0017 3112 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30

    11:44:27.0204 3112 ============================================================

    11:44:27.0204 3112 Current date / time: 2012/05/24 11:44:27.0204

    11:44:27.0204 3112 SystemInfo:

    11:44:27.0204 3112

    11:44:27.0204 3112 OS Version: 6.1.7601 ServicePack: 1.0

    11:44:27.0204 3112 Product type: Workstation

    11:44:27.0204 3112 ComputerName: WILLEM-PC

    11:44:27.0204 3112 UserName: Willem

    11:44:27.0204 3112 Windows directory: C:\Windows

    11:44:27.0204 3112 System windows directory: C:\Windows

    11:44:27.0204 3112 Running under WOW64

    11:44:27.0204 3112 Processor architecture: Intel x64

    11:44:27.0204 3112 Number of processors: 4

    11:44:27.0204 3112 Page size: 0x1000

    11:44:27.0204 3112 Boot type: Normal boot

    11:44:27.0204 3112 ============================================================

    11:44:28.0109 3112 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040

    11:44:28.0125 3112 ============================================================

    11:44:28.0125 3112 \Device\Harddisk0\DR0:

    11:44:28.0125 3112 MBR partitions:

    11:44:28.0125 3112 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23E86000

    11:44:28.0125 3112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23E86800, BlocksNum 0x1979800

    11:44:28.0125 3112 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25800800, BlocksNum 0x44400000

    11:44:28.0156 3112 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x69C01000, BlocksNum 0x44E86000

    11:44:28.0156 3112 ============================================================

    11:44:28.0172 3112 C: <-> \Device\Harddisk0\DR0\Partition0

    11:44:28.0203 3112 D: <-> \Device\Harddisk0\DR0\Partition2

    11:44:28.0250 3112 E: <-> \Device\Harddisk0\DR0\Partition3

    11:44:28.0265 3112 F: <-> \Device\Harddisk0\DR0\Partition1

    11:44:28.0265 3112 ============================================================

    11:44:28.0265 3112 Initialize success

    11:44:28.0265 3112 ============================================================

    11:44:35.0254 5288 ============================================================

    11:44:35.0254 5288 Scan started

    11:44:35.0254 5288 Mode: Manual; SigCheck; TDLFS;

    11:44:35.0254 5288 ============================================================


    11:44:38.0951 5288 circlass - ok

    11:44:38.0998 5288 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

    11:44:39.0029 5288 CLFS - ok

    11:44:39.0092 5288 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    11:44:39.0107 5288 clr_optimization_v2.0.50727_32 - ok

    11:44:39.0138 5288 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

    11:44:39.0154 5288 clr_optimization_v2.0.50727_64 - ok

    11:44:39.0216 5288 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    11:44:39.0232 5288 clr_optimization_v4.0.30319_32 - ok

    11:44:39.0263 5288 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    11:44:39.0279 5288 clr_optimization_v4.0.30319_64 - ok

    11:44:39.0294 5288 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

    11:44:39.0310 5288 CmBatt - ok

    11:44:39.0326 5288 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

    11:44:39.0341 5288 cmdide - ok

    11:44:39.0357 5288 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

    11:44:39.0388 5288 CNG - ok

    11:44:39.0404 5288 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

    11:44:39.0404 5288 Compbatt - ok

    11:44:39.0435 5288 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

    11:44:39.0450 5288 CompositeBus - ok

    11:44:39.0450 5288 COMSysApp - ok

    11:44:39.0513 5288 cpuz134 (17719a7f571d4cd08223f0b30f71b8b8) C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys

    11:44:39.0528 5288 cpuz134 - ok

    11:44:39.0528 5288 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

    11:44:39.0544 5288 crcdisk - ok

    11:44:39.0575 5288 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

    11:44:39.0622 5288 CryptSvc - ok

    11:44:39.0669 5288 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

    11:44:39.0716 5288 DcomLaunch - ok

    11:44:39.0731 5288 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

    11:44:39.0778 5288 defragsvc - ok

    11:44:39.0809 5288 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

    11:44:39.0840 5288 DfsC - ok

    11:44:39.0887 5288 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

    11:44:39.0934 5288 Dhcp - ok

    11:44:39.0934 5288 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

    11:44:39.0965 5288 discache - ok

    11:44:39.0981 5288 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

    11:44:39.0996 5288 Disk - ok

    11:44:40.0028 5288 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

    11:44:40.0028 5288 Dnscache - ok

    11:44:40.0074 5288 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

    11:44:40.0137 5288 dot3svc - ok

    11:44:40.0168 5288 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

    11:44:40.0199 5288 DPS - ok

    11:44:40.0215 5288 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

    11:44:40.0230 5288 drmkaud - ok

    11:44:40.0293 5288 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

    11:44:40.0324 5288 DXGKrnl - ok

    11:44:40.0340 5288 e1kexpress (04dddea79b9e616f50b9132752f656fc) C:\Windows\system32\DRIVERS\e1k62x64.sys

    11:44:40.0355 5288 e1kexpress - ok

    11:44:40.0386 5288 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

    11:44:40.0418 5288 EapHost - ok

    11:44:40.0511 5288 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

    11:44:40.0558 5288 ebdrv - ok

    11:44:40.0636 5288 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

    11:44:40.0652 5288 EFS - ok

    11:44:40.0730 5288 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

    11:44:40.0761 5288 ehRecvr - ok

    11:44:40.0776 5288 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

    11:44:40.0792 5288 ehSched - ok

    11:44:40.0854 5288 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

    11:44:40.0870 5288 elxstor - ok

    11:44:40.0886 5288 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

    11:44:40.0901 5288 ErrDev - ok

    11:44:40.0932 5288 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

    11:44:40.0964 5288 EventSystem - ok

    11:44:40.0979 5288 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

    11:44:41.0010 5288 exfat - ok

    11:44:41.0026 5288 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

    11:44:41.0057 5288 fastfat - ok

    11:44:41.0104 5288 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

    11:44:41.0120 5288 Fax - ok

    11:44:41.0135 5288 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

    11:44:41.0151 5288 fdc - ok

    11:44:41.0166 5288 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

    11:44:41.0198 5288 fdPHost - ok

    11:44:41.0213 5288 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

    11:44:41.0229 5288 FDResPub - ok

    11:44:41.0244 5288 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

    11:44:41.0244 5288 FileInfo - ok

    11:44:41.0260 5288 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

    11:44:41.0291 5288 Filetrace - ok

    11:44:41.0307 5288 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

    11:44:41.0322 5288 flpydisk - ok

    11:44:41.0354 5288 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

    11:44:41.0369 5288 FltMgr - ok

    11:44:41.0416 5288 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

    11:44:41.0432 5288 FontCache - ok

    11:44:41.0494 5288 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    11:44:41.0510 5288 FontCache3.0.0.0 - ok

    11:44:41.0541 5288 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

    11:44:41.0556 5288 FsDepends - ok

    11:44:41.0572 5288 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

    11:44:41.0588 5288 Fs_Rec - ok

    11:44:41.0634 5288 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

    11:44:41.0666 5288 fvevol - ok

    11:44:41.0666 5288 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

    11:44:41.0681 5288 gagp30kx - ok

    11:44:41.0728 5288 GDBehave (116f4672a804da33e1159c005ae88b9c) C:\Windows\system32\drivers\GDBehave.sys

    11:44:41.0744 5288 GDBehave - ok

    11:44:41.0775 5288 GDMnIcpt (e02ac68f1fc31d38ead729e00bd68c93) C:\Windows\system32\drivers\MiniIcpt.sys

    11:44:41.0806 5288 GDMnIcpt - ok

    11:44:41.0822 5288 GDPkIcpt (290ddb8c97249f99569b77e9df2f76fc) C:\Windows\system32\drivers\PktIcpt.sys

    11:44:41.0837 5288 GDPkIcpt - ok

    11:44:41.0931 5288 GDScan (b7d4df09a86a5dc98f74a2fa2875c154) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe

    11:44:41.0962 5288 GDScan - ok

    11:44:41.0962 5288 gdwfpcd (e64c471dbd91adeb0b4c78c204326ecd) C:\Windows\system32\drivers\gdwfpcd64.sys

    11:44:41.0978 5288 gdwfpcd - ok

    11:44:41.0993 5288 GearAspiWDM (7508fcfb8d93556213f530dffaedec45) C:\Windows\system32\drivers\GEARAspiWDM.sys

    11:44:42.0009 5288 GearAspiWDM - ok

    11:44:42.0071 5288 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

    11:44:42.0102 5288 gpsvc - ok

    11:44:42.0118 5288 GRD (9580cbf03d2ee08bd1c0d701aae4092a) C:\Windows\system32\drivers\GRD.sys

    11:44:42.0134 5288 GRD - ok

    11:44:42.0165 5288 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    11:44:42.0180 5288 gupdate - ok

    11:44:42.0180 5288 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    11:44:42.0180 5288 gupdatem - ok

    11:44:42.0227 5288 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    11:44:42.0243 5288 gusvc - ok

    11:44:42.0258 5288 hardlock (d8bf3c594bd17a37960362e6c6739b90) C:\Windows\system32\drivers\hardlock.sys

    11:44:42.0274 5288 hardlock - ok

    11:44:42.0274 5288 hasplms - ok

    11:44:42.0290 5288 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

    11:44:42.0305 5288 hcw85cir - ok

    11:44:42.0336 5288 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

    11:44:42.0352 5288 HdAudAddService - ok

    11:44:42.0368 5288 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

    11:44:42.0383 5288 HDAudBus - ok

    11:44:42.0399 5288 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

    11:44:42.0414 5288 HidBatt - ok

    11:44:42.0430 5288 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

    11:44:42.0446 5288 HidBth - ok

    11:44:42.0461 5288 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

    11:44:42.0477 5288 HidIr - ok

    11:44:42.0492 5288 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

    11:44:42.0524 5288 hidserv - ok

    11:44:42.0539 5288 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

    11:44:42.0555 5288 HidUsb - ok

    11:44:42.0586 5288 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

    11:44:42.0617 5288 hkmsvc - ok

    11:44:42.0633 5288 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

    11:44:42.0648 5288 HomeGroupListener - ok

    11:44:42.0680 5288 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

    11:44:42.0695 5288 HomeGroupProvider - ok

    11:44:42.0726 5288 HookCentre (3cd18f0b3681fb267e67763cc3152d4e) C:\Windows\system32\drivers\HookCentre.sys

    11:44:42.0726 5288 HookCentre - ok

    11:44:42.0758 5288 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

    11:44:42.0758 5288 HpSAMD - ok

    11:44:42.0820 5288 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

    11:44:42.0867 5288 HTTP - ok

    11:44:42.0867 5288 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

    11:44:42.0882 5288 hwpolicy - ok

    11:44:42.0914 5288 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

    11:44:42.0914 5288 i8042prt - ok

    11:44:42.0960 5288 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

    11:44:42.0992 5288 iaStorV - ok

    11:44:43.0054 5288 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    11:44:43.0054 5288 IDriverT ( UnsignedFile.Multi.Generic ) - warning

    11:44:43.0054 5288 IDriverT - detected UnsignedFile.Multi.Generic (1)

    11:44:43.0116 5288 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

    11:44:43.0148 5288 idsvc - ok

    11:44:43.0210 5288 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

    11:44:43.0226 5288 iirsp - ok

    11:44:43.0272 5288 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

    11:44:43.0319 5288 IKEEXT - ok

    11:44:43.0397 5288 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys

    11:44:43.0444 5288 IntcAzAudAddService - ok

    11:44:43.0506 5288 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

    11:44:43.0506 5288 intelide - ok

    11:44:43.0538 5288 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

    11:44:43.0553 5288 intelppm - ok

    11:44:43.0584 5288 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

    11:44:43.0616 5288 IPBusEnum - ok

    11:44:43.0662 5288 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

    11:44:43.0694 5288 IpFilterDriver - ok

    11:44:43.0725 5288 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

    11:44:43.0756 5288 iphlpsvc - ok

    11:44:43.0772 5288 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

    11:44:43.0787 5288 IPMIDRV - ok

    11:44:43.0803 5288 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

    11:44:43.0834 5288 IPNAT - ok

    11:44:43.0850 5288 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

    11:44:43.0865 5288 IRENUM - ok

    11:44:43.0881 5288 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

    11:44:43.0896 5288 isapnp - ok

    11:44:43.0912 5288 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

    11:44:43.0928 5288 iScsiPrt - ok

    11:44:43.0943 5288 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

    11:44:43.0959 5288 kbdclass - ok

    11:44:43.0974 5288 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

    11:44:43.0990 5288 kbdhid - ok

    11:44:44.0021 5288 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

    11:44:44.0037 5288 KeyIso - ok

    11:44:44.0052 5288 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

    11:44:44.0068 5288 KSecDD - ok

    11:44:44.0099 5288 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

    11:44:44.0115 5288 KSecPkg - ok

    11:44:44.0115 5288 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

    11:44:44.0146 5288 ksthunk - ok

    11:44:44.0177 5288 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

    11:44:44.0224 5288 KtmRm - ok

    11:44:44.0255 5288 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

    11:44:44.0302 5288 LanmanServer - ok

    11:44:44.0333 5288 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

    11:44:44.0364 5288 LanmanWorkstation - ok

    11:44:44.0396 5288 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

    11:44:44.0427 5288 lltdio - ok

    11:44:44.0442 5288 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

    11:44:44.0474 5288 lltdsvc - ok

    11:44:44.0474 5288 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

    11:44:44.0505 5288 lmhosts - ok

    11:44:44.0536 5288 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

    11:44:44.0536 5288 LSI_FC - ok

    11:44:44.0552 5288 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

    11:44:44.0567 5288 LSI_SAS - ok

    11:44:44.0583 5288 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

    11:44:44.0583 5288 LSI_SAS2 - ok

    11:44:44.0598 5288 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

    11:44:44.0614 5288 LSI_SCSI - ok

    11:44:44.0614 5288 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

    11:44:44.0661 5288 luafv - ok

    11:44:44.0723 5288 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

    11:44:44.0739 5288 McciCMService ( UnsignedFile.Multi.Generic ) - warning

    11:44:44.0739 5288 McciCMService - detected UnsignedFile.Multi.Generic (1)

    11:44:44.0786 5288 McciCMService64 (be3d584d7c021eb7d89166eecb83c341) C:\Program Files\Common Files\Motive\McciCMService.exe

    11:44:44.0801 5288 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning

    11:44:44.0801 5288 McciCMService64 - detected UnsignedFile.Multi.Generic (1)

    11:44:44.0848 5288 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

    11:44:44.0864 5288 Mcx2Svc - ok

    11:44:44.0879 5288 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

    11:44:44.0895 5288 megasas - ok

    11:44:44.0910 5288 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

    11:44:44.0926 5288 MegaSR - ok

    11:44:44.0942 5288 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

    11:44:44.0957 5288 MMCSS - ok

    11:44:44.0973 5288 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

    11:44:45.0004 5288 Modem - ok

    11:44:45.0020 5288 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

    11:44:45.0035 5288 monitor - ok

    11:44:45.0051 5288 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

    11:44:45.0066 5288 mouclass - ok

    11:44:45.0066 5288 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

    11:44:45.0082 5288 mouhid - ok

    11:44:45.0113 5288 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

    11:44:45.0113 5288 mountmgr - ok

    11:44:45.0129 5288 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

    11:44:45.0144 5288 mpio - ok

    11:44:45.0160 5288 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

    11:44:45.0176 5288 mpsdrv - ok

    11:44:45.0222 5288 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

    11:44:45.0269 5288 MpsSvc - ok

    11:44:45.0363 5288 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS

    11:44:45.0363 5288 MREMP50 ( UnsignedFile.Multi.Generic ) - warning

    11:44:45.0363 5288 MREMP50 - detected UnsignedFile.Multi.Generic (1)

    11:44:45.0394 5288 MREMP50a64 - ok

    11:44:45.0394 5288 MREMPR5 - ok

    11:44:45.0394 5288 MRENDIS5 - ok

    11:44:45.0410 5288 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS

    11:44:45.0410 5288 MRESP50 ( UnsignedFile.Multi.Generic ) - warning

    11:44:45.0410 5288 MRESP50 - detected UnsignedFile.Multi.Generic (1)

    11:44:45.0410 5288 MRESP50a64 - ok

    11:44:45.0456 5288 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

    11:44:45.0488 5288 MRxDAV - ok

    11:44:45.0503 5288 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

    11:44:45.0534 5288 mrxsmb - ok

    11:44:45.0550 5288 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

    11:44:45.0566 5288 mrxsmb10 - ok

    11:44:45.0581 5288 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

    11:44:45.0597 5288 mrxsmb20 - ok

  • Willem

    PART 2

    11:44:45.0612 5288 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

    11:44:45.0628 5288 msahci - ok

    11:44:45.0644 5288 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

    11:44:45.0659 5288 msdsm - ok

    11:44:45.0675 5288 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

    11:44:45.0690 5288 MSDTC - ok

    11:44:45.0706 5288 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

    11:44:45.0737 5288 Msfs - ok

    11:44:45.0753 5288 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

    11:44:45.0784 5288 mshidkmdf - ok

    11:44:45.0784 5288 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

    11:44:45.0800 5288 msisadrv - ok

    11:44:45.0815 5288 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

    11:44:45.0846 5288 MSiSCSI - ok

    11:44:45.0846 5288 msiserver - ok

    11:44:45.0862 5288 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

    11:44:45.0893 5288 MSKSSRV - ok

    11:44:45.0893 5288 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

    11:44:45.0924 5288 MSPCLOCK - ok

    11:44:45.0924 5288 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

    11:44:45.0956 5288 MSPQM - ok

    11:44:45.0971 5288 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

    11:44:45.0987 5288 MsRPC - ok

    11:44:46.0002 5288 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

    11:44:46.0018 5288 mssmbios - ok

    11:44:46.0018 5288 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

    11:44:46.0049 5288 MSTEE - ok

    11:44:46.0049 5288 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

    11:44:46.0065 5288 MTConfig - ok

    11:44:46.0096 5288 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

    11:44:46.0112 5288 Mup - ok

    11:44:46.0143 5288 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

    11:44:46.0190 5288 napagent - ok

    11:44:46.0205 5288 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

    11:44:46.0236 5288 NativeWifiP - ok

    11:44:46.0268 5288 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

    11:44:46.0283 5288 NDIS - ok

    11:44:46.0299 5288 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

    11:44:46.0330 5288 NdisCap - ok

    11:44:46.0346 5288 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

    11:44:46.0377 5288 NdisTapi - ok

    11:44:46.0408 5288 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

    11:44:46.0439 5288 Ndisuio - ok

    11:44:46.0470 5288 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

    11:44:46.0502 5288 NdisWan - ok

    11:44:46.0548 5288 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

    11:44:46.0595 5288 NDProxy - ok

    11:44:46.0611 5288 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

    11:44:46.0626 5288 NetBIOS - ok

    11:44:46.0658 5288 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

    11:44:46.0704 5288 NetBT - ok

    11:44:46.0720 5288 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

    11:44:46.0720 5288 Netlogon - ok

    11:44:46.0751 5288 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

    11:44:46.0798 5288 Netman - ok

    11:44:46.0814 5288 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

    11:44:46.0860 5288 netprofm - ok

    11:44:46.0907 5288 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

    11:44:46.0938 5288 NetTcpPortSharing - ok

    11:44:46.0954 5288 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

    11:44:46.0970 5288 nfrd960 - ok

    11:44:47.0016 5288 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

    11:44:47.0063 5288 NlaSvc - ok

    11:44:47.0079 5288 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

    11:44:47.0094 5288 Npfs - ok

    11:44:47.0126 5288 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

    11:44:47.0157 5288 nsi - ok

    11:44:47.0157 5288 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

    11:44:47.0188 5288 nsiproxy - ok

    11:44:47.0250 5288 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

    11:44:47.0282 5288 Ntfs - ok

    11:44:47.0344 5288 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

    11:44:47.0391 5288 Null - ok

    11:44:47.0796 5288 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

    11:44:47.0984 5288 nvlddmkm - ok

    11:44:48.0030 5288 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

    11:44:48.0046 5288 nvraid - ok

    11:44:48.0062 5288 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

    11:44:48.0077 5288 nvstor - ok

    11:44:48.0124 5288 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe

    11:44:48.0155 5288 nvsvc - ok

    11:44:48.0264 5288 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    11:44:48.0296 5288 nvUpdatusService - ok

    11:44:48.0358 5288 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

    11:44:48.0374 5288 nv_agp - ok

    11:44:48.0389 5288 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

    11:44:48.0389 5288 ohci1394 - ok

    11:44:48.0420 5288 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

    11:44:48.0436 5288 p2pimsvc - ok

    11:44:48.0452 5288 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

    11:44:48.0483 5288 p2psvc - ok

    11:44:48.0498 5288 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

    11:44:48.0514 5288 Parport - ok

    11:44:48.0530 5288 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

    11:44:48.0545 5288 partmgr - ok

    11:44:48.0561 5288 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

    11:44:48.0576 5288 PcaSvc - ok

    11:44:48.0592 5288 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

    11:44:48.0608 5288 pci - ok

    11:44:48.0608 5288 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

    11:44:48.0623 5288 pciide - ok

    11:44:48.0639 5288 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

    11:44:48.0654 5288 pcmcia - ok

    11:44:48.0686 5288 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

    11:44:48.0686 5288 pcw - ok

    11:44:48.0732 5288 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

    11:44:48.0764 5288 PEAUTH - ok

    11:44:48.0873 5288 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

    11:44:48.0888 5288 PerfHost - ok

    11:44:49.0044 5288 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

    11:44:49.0076 5288 pla - ok

    11:44:49.0122 5288 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

    11:44:49.0138 5288 PlugPlay - ok

    11:44:49.0154 5288 PnkBstrA - ok

    11:44:49.0154 5288 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

    11:44:59.0746 5288 ============================================================

    11:44:59.0746 5288 Scan finished

    11:44:59.0746 5288 ============================================================

    11:44:59.0762 3784 Detected object count: 10

    11:44:59.0762 3784 Actual detected object count: 10

    11:45:02.0258 3784 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0258 3784 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0258 3784 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0258 3784 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0258 3784 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0258 3784 RoxLiveShare9 ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 RoxLiveShare9 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0258 3784 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0258 3784 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0258 3784 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0273 3784 RxFilter ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0273 3784 RxFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

    11:45:02.0273 3784 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user

    11:45:02.0273 3784 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
