View full version: Laptop starts up very slowly



planina
4 April 2012, 10:11
Hi,
I just bought myself a new laptop. But when I tried to make a backup, after the second disc (I was asked to insert the third disc) the writer would no longer open. Beyond that it did nothing anymore. So I just used the power button. After that I did get the disc out... but since then the laptop starts up very slowly.
Once it has fully started it runs at full speed, but before it gets that far I can shower, shave and brush my teeth.
Here is the HijackThis log. Thanks in advance for the effort.


Juisterr
4 April 2012, 20:10
How old is this PC? Don't you have a warranty on it? Because at first glance I don't see any infection.

Download TDSSKStarter (http://home.kpn.nl/stefsmeenk/tools/TDSSKStarter.exe) to the desktop.

Using "TDSSKStarter.exe":

First close all program windows that are still open!

Windows 2000 and Windows XP: start the tool by double-clicking "TDSSKStarter.exe".
Windows Vista and Windows 7: start the tool by right-clicking "TDSSKStarter.exe" and then choosing Run as administrator.

A CMD window will then open and close again automatically when the scan is finished.
Now post the contents of the Notepad file that opens in your next message.

planina
4 April 2012, 23:59
Hi juister, thanks, and here is the log.

23:56:40.0451 6328 FltMgr - ok
23:56:40.0545 6328 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
23:56:40.0607 6328 FontCache - ok
23:56:40.0732 6328 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:56:40.0763 6328 FontCache3.0.0.0 - ok
23:56:40.0888 6328 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:56:40.0919 6328 FsDepends - ok
23:56:40.0951 6328 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:56:40.0966 6328 Fs_Rec - ok
23:56:40.0997 6328 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:56:41.0029 6328 fvevol - ok
23:56:41.0075 6328 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
23:56:41.0091 6328 gagp30kx - ok
23:56:41.0169 6328 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
23:56:41.0216 6328 GamesAppService - ok
23:56:41.0263 6328 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:56:41.0294 6328 GEARAspiWDM - ok
23:56:41.0341 6328 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
23:56:41.0419 6328 gpsvc - ok
23:56:41.0528 6328 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:56:41.0543 6328 gupdate - ok
23:56:41.0575 6328 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:56:41.0590 6328 gupdatem - ok
23:56:41.0637 6328 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:56:41.0668 6328 gusvc - ok
23:56:41.0777 6328 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:56:41.0840 6328 hcw85cir - ok
23:56:41.0902 6328 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:56:41.0965 6328 HdAudAddService - ok
23:56:42.0011 6328 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:56:42.0074 6328 HDAudBus - ok
23:56:42.0105 6328 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
23:56:42.0152 6328 HidBatt - ok
23:56:42.0183 6328 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
23:56:42.0245 6328 HidBth - ok
23:56:42.0277 6328 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
23:56:42.0323 6328 HidIr - ok
23:56:42.0370 6328 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:56:42.0433 6328 hidserv - ok
23:56:42.0495 6328 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
23:56:42.0526 6328 HidUsb - ok
23:56:42.0557 6328 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
23:56:42.0667 6328 hkmsvc - ok
23:56:42.0698 6328 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
23:56:42.0776 6328 HomeGroupListener - ok
23:56:42.0807 6328 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
23:56:42.0854 6328 HomeGroupProvider - ok
23:56:42.0947 6328 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:56:42.0979 6328 HP Support Assistant Service - ok
23:56:43.0057 6328 HPAuto (7b8c1b09c11e8db7c4480abd7d17e821) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
23:56:43.0103 6328 HPAuto - ok
23:56:43.0135 6328 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
23:56:43.0166 6328 HPClientSvc - ok
23:56:43.0275 6328 HPDrvMntSvc.exe (e6ab9e7ff923928e9f549fddfcedb28a) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
23:56:43.0306 6328 HPDrvMntSvc.exe - ok
23:56:43.0415 6328 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
23:56:43.0462 6328 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
23:56:43.0462 6328 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
23:56:43.0493 6328 hpqddsvc (99ed733f614660eb32199bf889dfb7e2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
23:56:43.0525 6328 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
23:56:43.0525 6328 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
23:56:43.0649 6328 hpqwmiex (dbdc0581d4506c13e6bef48d14b1c55b) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
23:56:43.0696 6328 hpqwmiex - ok
23:56:43.0805 6328 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:56:43.0852 6328 HpSAMD - ok
23:56:43.0930 6328 HPWMISVC (491ce9b6321fb74e4b37af2c47f98434) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
23:56:43.0946 6328 HPWMISVC - ok
23:56:44.0071 6328 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:56:44.0164 6328 HTTP - ok
23:56:44.0258 6328 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:56:44.0305 6328 hwpolicy - ok
23:56:44.0351 6328 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
23:56:44.0383 6328 i8042prt - ok
23:56:44.0445 6328 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:56:44.0476 6328 iaStorV - ok
23:56:44.0601 6328 IconMan_R (d72bf0ae484f88399e8343e821c10d6a) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
23:56:44.0679 6328 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
23:56:44.0679 6328 IconMan_R - detected UnsignedFile.Multi.Generic (1)
23:56:44.0819 6328 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:56:44.0866 6328 idsvc - ok
23:56:45.0100 6328 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20120403.002\IDSvia64.sys
23:56:45.0147 6328 IDSVia64 - ok
23:56:45.0256 6328 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
23:56:45.0303 6328 iirsp - ok
23:56:45.0350 6328 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
23:56:45.0428 6328 IKEEXT - ok
23:56:45.0506 6328 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:56:45.0537 6328 intelide - ok
23:56:45.0568 6328 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
23:56:45.0646 6328 intelppm - ok
23:56:45.0677 6328 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:56:45.0755 6328 IPBusEnum - ok
23:56:45.0787 6328 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:56:45.0880 6328 IpFilterDriver - ok
23:56:45.0943 6328 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
23:56:46.0036 6328 iphlpsvc - ok
23:56:46.0114 6328 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:56:46.0161 6328 IPMIDRV - ok
23:56:46.0192 6328 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:56:46.0286 6328 IPNAT - ok
23:56:46.0379 6328 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
23:56:46.0411 6328 iPod Service - ok
23:56:46.0504 6328 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:56:46.0598 6328 IRENUM - ok
23:56:46.0723 6328 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:56:46.0754 6328 isapnp - ok
23:56:46.0816 6328 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:56:46.0847 6328 iScsiPrt - ok
23:56:46.0910 6328 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:56:46.0941 6328 kbdclass - ok
23:56:46.0972 6328 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
23:56:46.0988 6328 kbdhid - ok
23:56:47.0035 6328 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:56:47.0066 6328 KeyIso - ok
23:56:47.0081 6328 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
23:56:47.0097 6328 KSecDD - ok
23:56:47.0113 6328 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
23:56:47.0128 6328 KSecPkg - ok
23:56:47.0159 6328 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:56:47.0284 6328 ksthunk - ok
23:56:47.0331 6328 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:56:47.0409 6328 KtmRm - ok
23:56:47.0487 6328 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
23:56:47.0565 6328 LanmanServer - ok
23:56:47.0690 6328 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
23:56:47.0815 6328 LanmanWorkstation - ok
23:56:47.0986 6328 Lavasoft Ad-Aware Service (ea38136981c61c571d52c380daad46ef) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
23:56:48.0049 6328 Lavasoft Ad-Aware Service - ok
23:56:48.0158 6328 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
23:56:48.0189 6328 Lavasoft Kernexplorer - ok
23:56:48.0283 6328 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys
23:56:48.0298 6328 Lbd - ok
23:56:48.0361 6328 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:56:48.0439 6328 lltdio - ok
23:56:48.0501 6328 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:56:48.0595 6328 lltdsvc - ok
23:56:48.0626 6328 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:56:48.0673 6328 lmhosts - ok
23:56:48.0766 6328 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
23:56:48.0782 6328 LSI_FC - ok
23:56:48.0829 6328 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
23:56:48.0844 6328 LSI_SAS - ok
23:56:48.0860 6328 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
23:56:48.0891 6328 LSI_SAS2 - ok
23:56:48.0891 6328 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
23:56:48.0907 6328 LSI_SCSI - ok
23:56:48.0953 6328 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:56:49.0047 6328 luafv - ok
23:56:49.0109 6328 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
23:56:49.0156 6328 Mcx2Svc - ok
23:56:49.0203 6328 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
23:56:49.0219 6328 megasas - ok
23:56:49.0281 6328 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
23:56:49.0312 6328 MegaSR - ok
23:56:49.0359 6328 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:56:49.0484 6328 MMCSS - ok
23:56:49.0562 6328 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:56:49.0671 6328 Modem - ok
23:56:49.0733 6328 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:56:49.0796 6328 monitor - ok
23:56:49.0874 6328 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:56:49.0905 6328 mouclass - ok
23:56:49.0952 6328 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:56:49.0999 6328 mouhid - ok
23:56:50.0045 6328 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:56:50.0077 6328 mountmgr - ok
23:56:50.0123 6328 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:56:50.0155 6328 mpio - ok
23:56:50.0186 6328 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:56:50.0248 6328 mpsdrv - ok
23:56:50.0295 6328 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
23:56:50.0373 6328 MpsSvc - ok
23:56:50.0404 6328 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:56:50.0451 6328 MRxDAV - ok
23:56:50.0482 6328 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:56:50.0560 6328 mrxsmb - ok
23:56:50.0607 6328 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:56:50.0685 6328 mrxsmb10 - ok
23:56:50.0701 6328 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:56:50.0732 6328 mrxsmb20 - ok
23:56:50.0794 6328 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:56:50.0825 6328 msahci - ok
23:56:50.0857 6328 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:56:50.0872 6328 msdsm - ok
23:56:50.0919 6328 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:56:50.0981 6328 MSDTC - ok
23:56:51.0059 6328 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:56:51.0184 6328 Msfs - ok
23:56:51.0215 6328 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:56:51.0278 6328 mshidkmdf - ok
23:56:51.0309 6328 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:56:51.0325 6328 msisadrv - ok
23:56:51.0371 6328 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:56:51.0449 6328 MSiSCSI - ok
23:56:51.0449 6328 msiserver - ok
23:56:51.0512 6328 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:56:51.0621 6328 MSKSSRV - ok
23:56:51.0637 6328 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:56:51.0699 6328 MSPCLOCK - ok
23:56:51.0730 6328 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:56:51.0839 6328 MSPQM - ok
23:56:51.0871 6328 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:56:51.0902 6328 MsRPC - ok
23:56:51.0949 6328 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:56:51.0964 6328 mssmbios - ok
23:56:51.0980 6328 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:56:52.0089 6328 MSTEE - ok
23:56:52.0120 6328 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:56:52.0167 6328 MTConfig - ok
23:56:52.0198 6328 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:56:52.0229 6328 Mup - ok
23:56:52.0276 6328 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:56:52.0385 6328 napagent - ok
23:56:52.0479 6328 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:56:52.0557 6328 NativeWifiP - ok
23:56:52.0713 6328 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
23:56:52.0744 6328 NAUpdate - ok
23:56:52.0822 6328 NAV (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe
23:56:52.0853 6328 NAV - ok
23:56:53.0025 6328 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20120403.041\ENG64.SYS
23:56:53.0056 6328 NAVENG - ok
23:56:53.0134 6328 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20120403.041\EX64.SYS
23:56:53.0197 6328 NAVEX15 - ok
23:56:53.0353 6328 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
23:56:53.0399 6328 NDIS - ok
23:56:53.0446 6328 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:56:53.0493 6328 NdisCap - ok
23:56:53.0524 6328 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:56:53.0587 6328 NdisTapi - ok
23:56:53.0618 6328 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:56:53.0711 6328 Ndisuio - ok
23:56:53.0727 6328 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:56:53.0789 6328 NdisWan - ok
23:56:53.0805 6328 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:56:53.0899 6328 NDProxy - ok
23:56:53.0930 6328 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:56:53.0977 6328 NetBIOS - ok
23:56:54.0008 6328 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:56:54.0039 6328 NetBT - ok
23:56:54.0086 6328 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:56:54.0133 6328 Netlogon - ok
23:56:54.0179 6328 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:56:54.0289 6328 Netman - ok
23:56:54.0382 6328 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:54.0413 6328 NetMsmqActivator - ok
23:56:54.0429 6328 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:54.0445 6328 NetPipeActivator - ok
23:56:54.0507 6328 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:56:54.0616 6328 netprofm - ok
23:56:54.0741 6328 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:54.0757 6328 NetTcpActivator - ok
23:56:54.0788 6328 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:54.0803 6328 NetTcpPortSharing - ok
23:56:54.0897 6328 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:56:54.0959 6328 nfrd960 - ok
23:56:55.0006 6328 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:56:55.0100 6328 NlaSvc - ok
23:56:55.0225 6328 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:56:55.0318 6328 Npfs - ok
23:56:55.0427 6328 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:56:55.0537 6328 nsi - ok
23:56:55.0615 6328 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:56:55.0693 6328 nsiproxy - ok
23:56:55.0755 6328 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:56:55.0817 6328 Ntfs - ok
23:56:55.0864 6328 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:56:55.0989 6328 Null - ok
23:56:56.0020 6328 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
23:56:56.0067 6328 NVENETFD - ok
23:56:56.0098 6328 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:56:56.0145 6328 nvraid - ok
23:56:56.0176 6328 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:56:56.0207 6328 nvstor - ok
23:56:56.0254 6328 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:56:56.0285 6328 nv_agp - ok
23:56:56.0317 6328 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:56:56.0379 6328 ohci1394 - ok
23:56:56.0457 6328 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:56:56.0488 6328 ose - ok
23:56:56.0753 6328 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:56:56.0847 6328 osppsvc - ok
23:56:56.0941 6328 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:56:57.0034 6328 p2pimsvc - ok
23:56:57.0097 6328 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:56:57.0159 6328 p2psvc - ok
23:56:57.0237 6328 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:56:57.0268 6328 Parport - ok
23:56:57.0315 6328 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
23:56:57.0346 6328 partmgr - ok
23:56:57.0377 6328 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:56:57.0455 6328 PcaSvc - ok
23:56:57.0502 6328 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:56:57.0533 6328 pci - ok
23:56:57.0565 6328 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:56:57.0580 6328 pciide - ok
23:56:57.0627 6328 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:56:57.0658 6328 pcmcia - ok
23:56:57.0674 6328 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:56:57.0689 6328 pcw - ok
23:56:57.0736 6328 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:56:57.0830 6328 PEAUTH - ok
23:56:57.0923 6328 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:56:58.0001 6328 PerfHost - ok
23:56:58.0095 6328 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:56:58.0220 6328 pla - ok
23:56:58.0313 6328 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:56:58.0360 6328 PlugPlay - ok
23:56:58.0407 6328 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:56:58.0454 6328 PNRPAutoReg - ok
23:56:58.0485 6328 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:56:58.0516 6328 PNRPsvc - ok
23:56:58.0579 6328 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:56:58.0703 6328 PolicyAgent - ok
23:56:58.0750 6328 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:56:58.0859 6328 Power - ok
23:56:58.0937 6328 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:56:59.0031 6328 PptpMiniport - ok
23:56:59.0062 6328 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:56:59.0093 6328 Processor - ok
23:56:59.0140 6328 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
23:56:59.0187 6328 ProfSvc - ok
23:56:59.0218 6328 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:56:59.0234 6328 ProtectedStorage - ok
23:56:59.0327 6328 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:56:59.0437 6328 Psched - ok
23:56:59.0530 6328 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:56:59.0577 6328 ql2300 - ok
23:56:59.0608 6328 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:56:59.0624 6328 ql40xx - ok
23:56:59.0655 6328 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:56:59.0686 6328 QWAVE - ok
23:56:59.0717 6328 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:56:59.0764 6328 QWAVEdrv - ok
23:56:59.0780 6328 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:56:59.0858 6328 RasAcd - ok
23:56:59.0905 6328 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:56:59.0983 6328 RasAgileVpn - ok
23:57:00.0045 6328 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:57:00.0154 6328 RasAuto - ok
23:57:00.0217 6328 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:57:00.0310 6328 Rasl2tp - ok
23:57:00.0341 6328 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:57:00.0388 6328 RasMan - ok
23:57:00.0419 6328 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:57:00.0497 6328 RasPppoe - ok
23:57:00.0529 6328 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:57:00.0607 6328 RasSstp - ok
23:57:00.0638 6328 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:57:00.0685 6328 rdbss - ok
23:57:00.0731 6328 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:57:00.0763 6328 rdpbus - ok
23:57:00.0778 6328 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:57:00.0825 6328 RDPCDD - ok
23:57:00.0856 6328 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:57:00.0903 6328 RDPENCDD - ok
23:57:00.0919 6328 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:57:00.0950 6328 RDPREFMP - ok
23:57:01.0012 6328 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
23:57:01.0137 6328 RDPWD - ok
23:57:01.0168 6328 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:57:01.0199 6328 rdyboost - ok
23:57:01.0231 6328 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:57:01.0293 6328 RemoteAccess - ok
23:57:01.0340 6328 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:57:01.0402 6328 RemoteRegistry - ok
23:57:01.0465 6328 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
23:57:01.0527 6328 RFCOMM - ok
23:57:01.0574 6328 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:57:01.0636 6328 RpcEptMapper - ok
23:57:01.0667 6328 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:57:01.0699 6328 RpcLocator - ok
23:57:01.0730 6328 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:57:01.0761 6328 RpcSs - ok
23:57:01.0870 6328 RSPCIESTOR (1f5e7af59b390261a85f5bedb1bb88b3) C:\Windows\system32\DRIVERS\RtsPStor.sys
23:57:01.0886 6328 RSPCIESTOR - ok
23:57:01.0933 6328 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:57:01.0995 6328 rspndr - ok
23:57:02.0026 6328 RTL8167 (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:57:02.0057 6328 RTL8167 - ok
23:57:02.0151 6328 RTL8192Ce (f33e70e48a54a7a1bfbeeb4f3b273e4a) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
23:57:02.0182 6328 RTL8192Ce - ok
23:57:02.0229 6328 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:57:02.0245 6328 SamSs - ok
23:57:02.0307 6328 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:57:02.0338 6328 sbp2port - ok
23:57:02.0369 6328 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:57:02.0432 6328 SCardSvr - ok
23:57:02.0479 6328 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:57:02.0572 6328 scfilter - ok
23:57:02.0619 6328 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:57:02.0681 6328 Schedule - ok
23:57:02.0713 6328 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:57:02.0791 6328 SCPolicySvc - ok
23:57:02.0884 6328 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
23:57:02.0978 6328 sdbus - ok
23:57:03.0025 6328 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:57:03.0087 6328 SDRSVC - ok
23:57:03.0149 6328 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:57:03.0259 6328 secdrv - ok
23:57:03.0274 6328 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:57:03.0321 6328 seclogon - ok
23:57:03.0368 6328 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:57:03.0415 6328 SENS - ok
23:57:03.0446 6328 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:57:03.0539 6328 SensrSvc - ok
23:57:24.0755 6328 ============================================================
23:57:24.0755 6328 Scan finished
23:57:24.0755 6328 ============================================================
23:57:25.0301 6596 Deinitialize success

==============================================
System Restore Point Check:
TDSSKiller Starter Restore Point Created Succesfully
==============================================
EOF

Juisterr
5 April 2012, 13:06
I don't see any infection.

planina
5 April 2012, 16:30
Well, maybe it's something other than a virus? :thx:

Juisterr
5 April 2012, 21:14
Download ComboFix from one of these locations:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.infospyware.net/antimalware/combofix/)


* IMPORTANT !!! Save ComboFix.exe to your Desktop.
>>Here<< (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can read how ComboFix should be used.



http://www.imgdumper.nl/uploads4/4de6eab686b90/4de6eab6867f3-Combofix.JPG

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

* (here (http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608) or here (http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607))
2. The computer may need to be restarted several times; this is normal.
3. Double-click "Combofix.exe" to start the tool.
4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

* Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

planina
6 April 2012, 08:54
Hi Juisterr,
Here is the ComboFix log.

ComboFix 12-04-05.09 - edgard 06/04/2012 7:54.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3561.1781 [GMT 2:00]
Gestart vanuit: c:\users\edgard\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-03-06 to 2012-04-06 ))))))))))))))))))))))))))))))
.
.
2012-04-06 06:10 . 2012-04-06 06:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-04 21:56 . 2012-04-04 21:57 -------- d-----w- C:\TDSSStarter
2012-04-03 07:02 . 2012-04-03 07:02 -------- d-----w- c:\program files (x86)\FrostWire 5
2012-03-30 05:11 . 2012-03-30 05:11 -------- d-----r- C:\MSOCache
2012-03-28 17:52 . 2012-03-28 17:52 -------- d-----w- c:\program files (x86)\MetaGeek
2012-03-28 05:04 . 2012-03-28 05:04 -------- d-----w- C:\Eigen visitekaartjes
2012-03-28 04:45 . 2012-03-28 04:45 28672 ----a-w- c:\windows\SysWow64\coclean.exe
2012-03-27 17:56 . 2012-03-27 17:56 0 ----a-w- c:\windows\Tlcsel.bin
2012-03-27 17:39 . 2012-03-27 17:39 -------- d-----w- c:\program files (x86)\IGN-NGI
2012-03-27 17:37 . 2012-03-27 17:37 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2012-03-27 06:45 . 2012-03-27 06:46 -------- d-----w- c:\programdata\Apple
2012-03-26 22:08 . 2012-03-26 22:09 -------- d-----w- c:\program files (x86)\Nero
2012-03-26 21:56 . 2010-05-26 09:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2012-03-26 21:56 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2012-03-26 21:56 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2012-03-26 21:56 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll
2012-03-26 21:56 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-03-26 21:55 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2012-03-26 21:55 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2012-03-26 21:54 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2012-03-26 21:54 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2012-03-26 21:53 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2012-03-26 21:10 . 2012-03-26 22:10 -------- d-----w- c:\programdata\Nero
2012-03-26 21:10 . 2012-03-26 22:08 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-03-26 20:59 . 2007-07-16 08:20 95784 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2012-03-26 20:59 . 2008-02-14 09:17 91176 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2012-03-26 20:59 . 2007-07-16 08:20 19752 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2012-03-26 20:59 . 2008-02-12 14:59 295424 ----a-w- c:\windows\system32\BtwRSupport.dll
2012-03-26 20:58 . 2012-03-26 20:58 -------- d-----w- c:\windows\SysWow64\es-MX
2012-03-26 20:58 . 2012-03-26 20:58 -------- d-----w- c:\windows\SysWow64\es-AR
2012-03-26 20:58 . 2012-03-26 20:58 -------- d-----w- c:\windows\system32\es-MX
2012-03-26 20:58 . 2012-03-26 20:58 -------- d-----w- c:\windows\system32\es-AR
2012-03-26 20:58 . 2012-03-26 20:58 -------- d-----w- c:\program files\WIDCOMM
2012-03-26 05:29 . 2012-03-26 05:29 -------- d-----w- c:\programdata\Malwarebytes
2012-03-26 05:29 . 2012-03-26 05:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-26 05:29 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-26 01:20 . 2012-03-26 01:20 -------- d-----w- c:\program files\Google
2012-03-26 01:19 . 2012-03-26 01:19 -------- d-----w- c:\windows\system32\Macromed
2012-03-25 17:55 . 2012-03-25 17:55 -------- d-----w- c:\windows\SysWow64\Wat
2012-03-25 17:55 . 2012-03-25 17:55 -------- d-----w- c:\windows\system32\Wat
2012-03-25 17:32 . 2012-03-25 17:32 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-25 17:29 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-25 17:29 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-25 17:29 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-25 13:02 . 2012-03-25 13:02 -------- d-----w- c:\program files (x86)\Runtime Software
2012-03-25 12:40 . 2012-03-25 12:40 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-03-25 12:23 . 2012-03-25 12:23 -------- d-----w- c:\program files (x86)\fbphotozoom
2012-03-25 12:22 . 2012-03-25 12:23 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-03-25 11:14 . 2012-03-25 12:55 -------- d-----w- c:\programdata\VirtualizedApplications
2012-03-25 07:10 . 2012-03-25 07:10 -------- d-----w- c:\program files (x86)\Conduit
2012-03-25 06:40 . 2012-03-26 08:48 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2012-03-25 05:24 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-03-25 05:24 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2012-03-25 05:21 . 2012-03-25 05:21 -------- d-----w- c:\program files\Microsoft Silverlight
2012-03-25 05:21 . 2012-03-25 05:21 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-03-24 23:09 . 2012-03-24 23:01 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-03-24 23:02 . 2012-03-24 23:02 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-03-24 23:00 . 2012-03-20 12:41 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-03-24 22:59 . 2012-03-24 22:59 -------- d-----w- c:\program files (x86)\Lavasoft
2012-03-24 22:59 . 2012-03-24 23:00 -------- d-----w- c:\programdata\Lavasoft
2012-03-24 22:27 . 2012-03-26 01:20 -------- d-----w- c:\program files (x86)\Google
2012-03-24 17:04 . 2012-03-24 17:04 -------- d-----w- c:\programdata\HP Product Assistant
2012-03-24 17:02 . 2012-03-24 17:02 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2012-03-24 16:34 . 2012-03-24 16:34 -------- d-----w- c:\programdata\CyberLink
2012-03-24 15:55 . 2012-03-24 15:55 -------- d-----w- c:\programdata\YouTube Downloader
2012-03-24 15:55 . 2012-03-24 15:55 -------- d-----w- c:\program files (x86)\YouTube Downloader
2012-03-24 15:44 . 2012-03-24 15:44 -------- d-----w- c:\program files (x86)\GRETECH
2012-03-24 12:25 . 2012-03-24 12:25 -------- d-----w- c:\programdata\WEBREG
2012-03-24 12:24 . 2007-03-28 12:57 224768 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzpp5ha.dll
2012-03-24 12:20 . 2012-03-24 12:20 -------- d-----w- c:\program files (x86)\Common Files\HP
2012-03-24 12:19 . 2007-03-30 15:12 355416 ----a-w- c:\windows\system32\hpzids40.dll
2012-03-24 12:19 . 2007-03-28 13:02 134144 ----a-w- c:\windows\system32\hpzll5ha.dll
2012-03-24 12:19 . 2007-03-28 13:01 233472 ----a-w- c:\windows\SysWow64\hpzc35ha.dll
2012-03-24 12:19 . 2006-11-30 10:14 671816 ----a-w- c:\windows\SysWow64\hpcdmc32.dll
2012-03-24 12:19 . 2012-03-24 17:05 -------- d-----w- c:\program files (x86)\HP
2012-03-24 12:15 . 2012-03-24 17:04 -------- d-----w- c:\programdata\HP
2012-03-24 12:14 . 2012-03-24 12:14 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-03-24 12:14 . 2012-03-24 12:14 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-24 12:14 . 2012-03-24 12:14 -------- d-----w- c:\program files (x86)\Java
2012-03-24 12:08 . 2012-03-24 12:08 -------- d-----w- c:\program files\DIFX
2012-03-24 12:07 . 2012-03-24 12:07 -------- d-----w- c:\windows\SysWow64\siscardplugins
2012-03-24 12:07 . 2012-03-24 12:07 -------- d-----w- c:\windows\SysWow64\beidpp
2012-03-24 12:07 . 2012-03-24 12:07 -------- d-----w- c:\program files (x86)\Belgium Identity Card
2012-03-24 12:07 . 2012-03-24 12:07 -------- d-----w- c:\program files\log
2012-03-24 12:07 . 2012-03-24 12:07 -------- d-----w- C:\drivers
2012-03-24 12:01 . 2012-03-24 12:01 -------- d-----r- C:\Favorieten
2012-03-24 11:54 . 2009-07-14 01:14 1397248 ----a-w- c:\windows\SysWow64\win_utilman.exe
2012-03-24 11:49 . 2012-03-24 11:49 -------- d-----w- C:\totalcmd
2012-03-24 11:49 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2012-03-24 11:49 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2012-03-24 11:49 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-03-24 11:49 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2012-03-24 11:49 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2012-03-24 11:27 . 2012-03-24 11:27 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-03-24 11:27 . 2012-03-24 11:27 -------- d-----w- c:\program files\Symantec
2012-03-24 11:27 . 2012-03-24 11:27 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-03-24 11:27 . 2012-03-28 04:10 -------- d-----w- c:\windows\system32\drivers\NAVx64
2012-03-24 11:27 . 2012-03-24 11:27 -------- d-----w- c:\program files (x86)\Norton AntiVirus
2012-03-24 11:24 . 2012-03-24 11:24 -------- d-----w- c:\programdata\PCSettings
2012-03-24 11:16 . 2012-03-24 11:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-24 10:49 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-24 10:49 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-24 10:49 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-24 10:49 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-24 10:49 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-24 10:49 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-24 10:49 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-24 09:24 . 2012-04-03 07:02 -------- d-----w- c:\users\edgard
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\users\Default\Sjablonen
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\users\Default\Mijn documenten
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\users\Default\Menu Start
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\programdata\Sjablonen
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\programdata\Menu Start
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\programdata\Favorieten
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\programdata\Documenten
2012-03-24 09:24 . 2012-03-24 09:24 -------- d-sh--we c:\programdata\Bureaublad
2012-03-19 10:47 . 2012-03-19 10:47 113664 ----a-w- c:\windows\system32\beidpkcs11.dll
2012-03-19 10:46 . 2012-03-19 10:46 268288 ----a-w- c:\windows\system32\beid35cardlayer.dll
2012-03-19 10:46 . 2012-03-19 10:46 273408 ----a-w- c:\windows\system32\beid35DlgsWin32.dll
2012-03-19 10:46 . 2012-03-19 10:46 147456 ----a-w- c:\windows\system32\beid35common.dll
2012-03-19 10:41 . 2012-03-19 10:41 360448 ----a-w- c:\windows\SysWow64\beid35applayer.dll
2012-03-19 10:41 . 2012-03-19 10:41 98304 ----a-w- c:\windows\SysWow64\Belgium Identity Card PKCS11.dll
2012-03-19 10:41 . 2012-03-19 10:41 98304 ----a-w- c:\windows\SysWow64\beidpkcs11.dll
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-26 01:20 . 2011-10-23 15:05 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-24 11:11 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-15 09:01 . 2012-02-15 09:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 09:01 . 2012-02-15 09:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
2011-06-07 14:30 69760 ----a-w- c:\program files (x86)\AMD\SteadyVideo\SteadyVideo.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-03-26 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-28 343168]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-10-08 169528]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-07-11 574008]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-09-15 61112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-06 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 994856]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 116648]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-08-01 195320]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 116648]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-28 361984]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-07-20 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-12 227896]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-07-11 26680]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-29 2413056]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-03-24 2152152]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe [2012-01-17 138232]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-03-17 1157240]
S3 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1306020.00A\ccSetx64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 cxbu0x64;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0x64.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-03-25 138360]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20120405.002\IDSvia64.sys [2012-03-23 488568]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2012-03-24 17152]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1306020.00A\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1306020.00A\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1306020.00A\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1306020.00A\SYMNETS.SYS [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 22:27]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-24 22:27]
.
2012-04-03 c:\windows\Tasks\HPCeeScheduleForedgard.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 02:43]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
2011-06-07 14:30 81024 ----a-w- c:\program files\AMD\SteadyVideo\SteadyVideo.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-09-30 43320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.com/ig
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 195.130.131.2 195.130.130.130
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
Wow6432Node-HKCU-Run-Nero MediaHome 4 - c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
Wow6432Node-HKLM-Run-beid - c:\program files (x86)\Belgium Identity Card\beid35gui.exe
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{470930c7-e586-4e0d-8c58-121f5914ce69} - c:\program files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.6.2.10\diMaster.dll\" /prefetch:1"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-04-06 08:48:37
ComboFix-quarantined-files.txt 2012-04-06 06:48
.
Pre-Run: 379.228.028.928 bytes beschikbaar
Post-Run: 380.170.031.104 bytes beschikbaar
.
- - End Of File - - 6029BDD2FDF8C2547C52E894C5CF2AE3




Thanks for the effort

Juisterr
7 April 2012, 16:50
Looks good, how is it going now?

planina
10 April 2012, 06:45
Looks good, how is it going now?

Hi Juisterr,

Strangely enough, it now seems to be working properly again. Shutting down and starting up are back to normal.
In any case, thanks for the effort. (y)

Juisterr
10 April 2012, 12:49
Remove ComboFix: copy the command below with (Ctrl + C):
Combofix /Uninstall (note!!! the space before /Uninstall)


Click Start -> Run, paste (Ctrl + V) the command, then press Ctrl + Shift + Enter.
This removes both ComboFix and your old system restore points (with any remnants of malware), and creates a new system restore point.
http://www.imgdumper.nl/uploads4/4e4e40e012008/4e4e40e01106d-cfu.jpg


Ccleaner
Download CCleaner Slim (http://www.filehippo.com/download_ccleaner/)
Install CCleaner and start CCleaner.




In the left column, click Cleaner.
Click Analyze and then Run Cleaner.
Then, in the left column, click Registry and click Scan for Issues.
If errors are found, click Fix selected issues and OK.
You will then be asked whether to make a backup; click Yes, and then choose Fix All Selected Issues.
After that, close CCleaner.




To avoid reinfection, you can read through these tips:
How do I prevent a new infection? (http://users.telenet.be/marcvn/spyware/1564073.htm)