Laptop is getting slower and slower. Here is my log



RobinS
26 October 2012, 09:45
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:43:59, on 26/10/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Citrix\ICA Client\WFCRUN32.EXE
C:\Program Files\Citrix\ICA Client\PNAMAIN.EXE
D:\users\3030319\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
D:\users\3030319\Downloads\HijackThis.exe
C:\Windows\system32\DllHost.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.phl.be
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.be
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.phl.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by PHL - Hogeschool met de laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://172.16.201.235/accelerated_pac_base.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.phl.be:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 172.16.*;192.168.*;*.phl.be;*.phlimburg.be;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "D:\users\3030319\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Startup: Dropbox.lnk = D:\users\3030319\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Online plug-in.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - D:\users\3030319\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\users\3030319\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = student.phlimburg.be
O17 - HKLM\Software\..\Telephony: DomainName = student.phlimburg.be
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = student.phlimburg.be
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = student.phlimburg.be
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SEP - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\WinLogoutNotifier.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\snac.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


--
End of file - 17194 bytes

RobinS
26 October 2012, 10:02
Maybe I should mention the problems: lately my laptop has been starting up slower and slower and shows a lot of "Not responding" messages. Would someone please be so kind as to read through the log above? Thanks in advance! :)

EvelineGirl
26 October 2012, 12:37
Hi,

1.
Uninstall the following toolbar:
Softonic-Eng7 Toolbar

Restart the computer.

2.
Download MalwareBytes' Anti-Malware (http://www.malwarebytes.org/mbam/program/mbam-setup.exe) (website (https://store.malwarebytes.org/342/cookie?affiliate=21030&redirectto=http%3A%2F%2Fwww.malwarebytes.org%2Fproducts%2Fmalwarebytes_pro)) and save it to your desktop.
Double-click mbam-setup.exe to install the program.
Make sure that after the installation the following are ticked:

Update MalwareBytes' Anti-Malware
Start MalwareBytes' Anti-Malware
You are also given the choice here to use the trial version of MBAM; if you do not want this, untick it.

Then click "Finish".
If an update is found, it will be downloaded and installed.
If you run into problems!!! (Read the instructions below)

Malwarebytes' Anti-Malware Chameleon (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=231&t=5650&p=21861#p21861)
Problems installing Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3419)
Problems updating Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3420)
Problems starting Malwarebytes' Anti-Malware (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=207&t=3421)

As soon as the program has started, go to the "Settings" tab.
Tick here: "Close Internet Explorer during malware removal".
Then go to the "Scanner" tab and choose "Quick Scan".
Next, press "Scan" to start the scan.
Scanning can take a while, so be patient.
When the scan has finished, click OK, then "Show Results" to see the results.
Make sure everything there is ticked, then click "Remove Selected".
After the removal a log will open and you will be asked to restart the computer.

The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.


3.
Note: Vista or Windows 7? >> Always run all tools as admin.
Download AdwCleaner (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner) by Xplode to your desktop.

http://i341.photobucket.com/albums/o365/EvelineGirl/A3qkP9RCEAAOZhQ.jpg

Close all open windows.
Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
For XP: simply double-click AdwCleaner.
Then click Delete.
In the AdwCleaner – Information dialog, click OK
In the AdwCleaner – Restart Required dialog, click OK

It is normal for the shortcuts to disappear during this action.
After the PC has restarted, a log file opens.
Then post the contents of this log in your next message.

4.
Download DDS by sUBs from one of these locations and place it on your desktop:
DDS - Bleeping Computer download (http://download.bleepingcomputer.com/sUBs/dds.com).
DDS - Bleeping Computer download (http://download.bleepingcomputer.com/sUBs/dds.scr).
DDS - Infospyware (http://www.infospyware.net/sUBs/dds).

Disable your security software before running DDS!
You can read how to do that here (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=231&t=5401) or here (http://www.pcwebplus.nl/phpbb/viewtopic.php?f=231&t=5402).

Right-click DDS and choose the option "Configure"
http://www.imgdumper.nl/uploads6/507d432a0bedd/507d432a0ab50-dds-b.jpg
Windows Vista and 7 users will get a User Account Control prompt; allow DDS to run here.
In the screen below, tick DDS.txt and Attach.txt and click "Start Scan"
http://www.imgdumper.nl/uploads6/507d4431dd21c/507d4431d9f57-dds-d.jpg
The following screen will now appear automatically.
http://www.imgdumper.nl/uploads6/507d44ab93e17/507d44ab8eff2-dds-e.jpg
When the scan is finished you will see the following screen.
http://www.imgdumper.nl/uploads6/507d44ce8e15a/507d44ce8ae92-dds-f.jpg
Click "OK" here; the DDS log will now open automatically in Notepad.
The DDS log has been saved to the desktop together with the attach log. (Post the attach log only if you are asked for it!)
Post the DDS log in your next message.

RobinS
26 October 2012, 15:27
# AdwCleaner v2.005 - Verslag gemaakt op 26/10/2012 om 15:16:43
# Geactualiseerd op 14/10/2012 door Xplode
# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Gebruiker : 3030319 - WINPHL-U3ZDE7SI
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : D:\users\3030319\Downloads\adwcleaner.exe
# Optie [Verwijderen]




***** [Diensten] *****




***** [Files / Mappen] *****


File Verwijdert : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\searchplugins\Conduit.xml
Map Verwijdert : C:\Program Files\Ask.com
Map Verwijdert : C:\Program Files\Conduit
Map Verwijdert : D:\users\3030319\AppData\Local\Temp\AskSearch
Map Verwijdert : D:\users\3030319\AppData\Local\Temp\OpenCandy
Map Verwijdert : D:\users\3030319\AppData\LocalLow\Conduit
Map Verwijdert : D:\users\3030319\AppData\LocalLow\FunWebProducts
Map Verwijdert : D:\users\3030319\AppData\LocalLow\MyWebSearch
Map Verwijdert : D:\users\3030319\AppData\LocalLow\PriceGong
Map Verwijdert : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\Conduit
Map Verwijdert : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\ConduitCommon
Map Verwijdert : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\CT2405280
Map Verwijdert : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\CT2903601
Map Verwijdert : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
Map Verwijdert : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\extensions\{e84cc2c1-b722-48fc-a39c-edb8b525c777}


***** [Register] *****


Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Fun Web Products
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\FunWebProducts
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\MyWebSearch
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong
Sleutel Verwijdert : HKCU\Software\FunWebProducts
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Sleutel Verwijdert : HKCU\Software\Softonic
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Sleutel Verwijdert : HKLM\Software\Conduit
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]


***** [Browsers] *****


-\\ Internet Explorer v8.0.7601.17514


[OK] Het register bevat geen enkele ongeoorloofde invoer.


-\\ Mozilla Firefox v8.0 (nl)


Profielnaam : default
File : D:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\prefs.js


Verwijdert : user_pref("CT2405280..clientLogIsEnabled", true);
Verwijdert : user_pref("CT2405280..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Verwijdert : user_pref("CT2405280..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Verwijdert : user_pref("CT2405280.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Verwijdert : user_pref("CT2405280.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Verwijdert : user_pref("CT2405280.BrowserCompStateIsOpen_129774179987157757", true);
Verwijdert : user_pref("CT2405280.BrowserCompStateIsOpen_129784483889712321", true);
Verwijdert : user_pref("CT2405280.BrowserCompStateIsOpen_129791224268491262", true);
Verwijdert : user_pref("CT2405280.CTID", "CT2405280");
Verwijdert : user_pref("CT2405280.CurrentServerDate", "26-10-2012");
Verwijdert : user_pref("CT2405280.DialogsAlignMode", "LTR");
Verwijdert : user_pref("CT2405280.DialogsGetterLastCheckTime", "Fri Oct 26 2012 09:38:20 GMT+0200 (Romance (zomer[...]
Verwijdert : user_pref("CT2405280.DownloadReferralCookieData", "");
Verwijdert : user_pref("CT2405280.EMailNotifierPollDate", "Fri Aug 31 2012 13:29:15 GMT+0200 (Romance (zomertijd)[...]
Verwijdert : user_pref("CT2405280.FeedLastCount1783261708582779529", 852);
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392415092", "Wed Jan 26 2011 10:44:34 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392415098", "Wed Jan 26 2011 10:44:34 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392415104", "Wed Jan 26 2011 10:44:40 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392415110", "Wed Jan 26 2011 10:44:40 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392415116", "Wed Jan 26 2011 10:44:40 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392415122", "Wed Jan 26 2011 10:44:40 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571378", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571384", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571390", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571396", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571402", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571408", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571414", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571420", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571426", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571432", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571438", "Wed Jan 26 2011 10:44:41 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392571444", "Wed Jan 26 2011 10:44:42 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727700", "Wed Jan 26 2011 10:44:42 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727706", "Wed Jan 26 2011 10:44:42 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727712", "Wed Jan 26 2011 10:44:43 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727718", "Wed Jan 26 2011 10:44:43 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727724", "Wed Jan 26 2011 10:44:43 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727730", "Wed Jan 26 2011 10:44:43 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727736", "Wed Jan 26 2011 10:44:44 GMT+0100 (Romance (s[...]
Verwijdert : user_pref("CT2405280.FeedPollDate129255180392727742", "Wed Jan 26 2011 10:44:44 GMT+0100 (Romance (s[...]


-\\ Google Chrome v22.0.1229.94


File : D:\users\3030319\AppData\Local\Google\Chrome\User Data\Default\Preferences


[OK] De file bevat geen enkele ongeoorloofde invoer.


*************************


AdwCleaner[S1].txt - [37661 octets] - [26/10/2012 15:16:43]


########## EOF - D:\AdwCleaner[S1].txt - [37722 octets] ##########

DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_37
Run by 3030319 at 15:24:00 on 2012-10-26
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3055.1548 [GMT 2:00]
.
AV: Symantec Endpoint Protection *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\Smc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Citrix\ICA Client\WFCRUN32.EXE
C:\Windows\System32\StikyNot.exe
C:\Program Files\Citrix\ICA Client\PNAMAIN.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
D:\users\3030319\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\users\3030319\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\servicing\TrustedInstaller.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.phl.be
uWindow Title = Microsoft Internet Explorer provided by PHL - Hogeschool met de laptop
uSearch Bar = hxxp://www.google.be
uDefault_Page_URL = hxxp://www.phl.be
uProxyServer = proxy.phl.be:8080
uProxyOverride = 172.16.*;192.168.*;*.phl.be;*.phlimburg.be;<local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\symantec\symantec endpoint protection\12.1.1101.401.105\bin\ips\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "d:\users\3030319\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [HPWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\delayedappstarter.exe 120 c:\program files\hewlett-packard\hp wireless assistant\HPWA_Main.exe /hidden
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: d:\users\3030319\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - d:\users\3030319\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\online~1.lnk - c:\windows\installer\{0f1f7a90-e71b-4e45-a066-2891619f22e1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Windows\System: GroupPolicyRefreshTime = dword:1400
uPolicies-Windows\System: GroupPolicyRefreshTimeOffset = dword:1400
uPolicies-Windows\System: GroupPolicyMinTransferRate = dword:500
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-Windows\System: GroupPolicyRefreshTime = dword:4800
mPolicies-Windows\System: GroupPolicyRefreshTimeOffset = dword:1000
mPolicies-Windows\System: GroupPolicyRefreshTimeDC = dword:5000
mPolicies-Windows\System: GroupPolicyRefreshTimeOffsetDC = dword:1400
mPolicies-Windows\System: GroupPolicyMinTransferRate = dword:500
IE: &Verzenden naar OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Free YouTube Download - d:\users\3030319\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - d:\users\3030319\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} - hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{9B2F4B59-3817-4C21-934A-609520207290} : DHCPNameServer = 195.130.131.3 195.130.130.131
TCP: Interfaces\{E9AD3BF6-C21C-428A-A31F-C4CB25FF4D1E} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{E9AD3BF6-C21C-428A-A31F-C4CB25FF4D1E}\0584C4D205F4254514C4 : DHCPNameServer = 172.16.201.207 172.16.201.206
TCP: Interfaces\{E9AD3BF6-C21C-428A-A31F-C4CB25FF4D1E}\0584C4D27455543545 : DHCPNameServer = 172.16.201.207 172.16.201.206
TCP: Interfaces\{E9AD3BF6-C21C-428A-A31F-C4CB25FF4D1E}\0584C4D275051423 : DHCPNameServer = 172.16.201.207 172.16.201.206
TCP: Interfaces\{E9AD3BF6-C21C-428A-A31F-C4CB25FF4D1E}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
TCP: Interfaces\{E9AD3BF6-C21C-428A-A31F-C4CB25FF4D1E}\C696E6B6379737 : DHCPNameServer = 195.130.131.3 195.130.130.131
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: SEP - c:\program files\symantec\symantec endpoint protection\12.1.1101.401.105\bin\WinLogoutNotifier.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ig
FF - prefs.js: network.proxy.ftp - proxy.phl.be
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy.phl.be
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy.phl.be
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy.phl.be
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy.phl.be
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 2
FF - component: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
FF - component: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
FF - component: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\{e84cc2c1-b722-48fc-a39c-edb8b525c777}\components\RadioWMPCore.dll
FF - component: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\{e84cc2c1-b722-48fc-a39c-edb8b525c777}\components\RadioWMPCoreGecko19.dll
FF - component: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - component: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: d:\users\3030319\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: d:\users\3030319\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: d:\users\3030319\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\plugins\np-mswmp.dll
FF - plugin: d:\users\3030319\appdata\roaming\mozilla\firefox\profiles\4mxmkcht.default\extensions\{e84cc2c1-b722-48fc-a39c-edb8b525c777}\plugins\np-mswmp.dll
FF - ExtSQL: 2012-09-04 12:27; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-22 17:10; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\SymDS.sys [2011-6-17 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\SymEFA.sys [2012-8-20 759416]
R1 BHDrvx86;BHDrvx86;c:\programdata\symantec\symantec endpoint protection\12.1.1101.401.105\data\definitions\bashdefs\20121005.012\BHDrvx86.sys [2012-10-5 995488]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]
R1 IDSVix86;IDSVix86;c:\programdata\symantec\symantec endpoint protection\12.1.1101.401.105\data\definitions\ipsdefs\20121025.001\IDSvix86.sys [2012-10-26 386720]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\Ironx86.sys [2012-8-20 137336]
R1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\symnets.sys [2012-8-20 299640]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe [2010-5-10 81920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-6-16 172032]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\hewlett-packard\hp wireless assistant\HPWA_Service.exe [2010-4-23 103992]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2010-6-15 26168]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2010-10-20 196928]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-20 67904]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-5-10 48640]
R2 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-5-10 47616]
R2 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-5-10 38912]
R2 SepMasterService;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\12.1.1101.401.105\bin\ccSvcHst.exe [2012-8-20 137208]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-5-10 2320920]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-6-17 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2010-5-10 227896]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2010-6-16 215208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-22 106656]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-6-16 6758912]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update-service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-5 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-3 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 250808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-4-1 183560]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-5 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-4-1 15872]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2009-6-13 1120752]
S3 SyDvCtrl;SyDvCtrl;c:\program files\symantec\symantec endpoint protection\12.1.1101.401.105\bin\SyDvCtrl32.sys [2012-8-20 23984]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-1 52224]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-16 1343400]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
.
=============== Created Last 30 ================
.
2012-10-26 07:26:10 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2012-10-17 09:07:06 -------- d-----w- d:\users\3030319\appdata\local\{C05D8F16-E940-4517-AD10-843B8A4F4137}
2012-10-14 13:20:57 -------- d-----w- d:\users\3030319\appdata\local\{B5913C1A-2C82-47E3-81D6-733F0191A160}
2012-10-11 06:53:02 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-11 06:52:59 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-11 06:52:50 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-11 06:52:50 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-11 06:52:49 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-11 06:52:26 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-11 06:52:26 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 19:25:03 -------- d-----w- d:\users\3030319\appdata\local\{A93388B1-6E56-4B9B-8A39-0FDB63567CE9}
2012-10-05 20:25:39 -------- d-----w- d:\users\3030319\appdata\local\{672D3312-3992-43F7-ACF7-D9588E06C8EA}
2012-10-01 19:12:11 -------- d-----r- d:\users\3030319\Dropbox
2012-10-01 19:08:23 -------- d-----w- d:\users\3030319\appdata\roaming\Dropbox
2012-10-01 18:59:39 -------- d-----w- d:\users\3030319\appdata\local\{8320F52C-A7C3-4033-85CA-85F97A21219A}
2012-09-30 21:55:16 -------- d-----w- d:\users\3030319\appdata\local\{0B01D693-FC19-4A98-8CE0-6DBC2D5A26E3}
2012-09-28 17:45:20 -------- d-----w- d:\users\3030319\appdata\local\{E93D468A-3A72-4CEB-936B-929E8D9EB44B}
2012-09-27 17:59:07 -------- d-----w- d:\users\3030319\appdata\local\{04534955-DA47-43BA-A23F-A2C77DF3F0BC}
.
==================== Find3M ====================
.
2012-10-09 20:06:36 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 20:06:36 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-29 17:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 13:32:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 13:32:20 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-24 16:57:48 981504 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 15:20:39 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16:54 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16:46 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16:36 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 15:06:19 76208 ----a-w- c:\windows\system32\FwsVpn.dll
2012-08-20 15:06:19 380848 ----a-w- c:\windows\system32\sysfer.dll
2012-08-20 15:06:19 32208 ----a-w- c:\windows\system32\drivers\WGX.SYS
2012-08-20 15:06:19 241584 ----a-w- c:\windows\system32\SymVPN.dll
2012-08-20 15:06:19 10672 ----a-w- c:\windows\system32\sysferThunk.dll
2012-08-20 15:06:18 92080 ----a-w- c:\windows\system32\drivers\SysPlant.sys
2012-08-20 11:20:10 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-08-20 11:18:10 522872 ----a-w- c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\srtsp.sys
2012-08-20 11:18:10 31864 ----a-w- c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\srtspx.sys
2012-08-20 11:18:10 299640 ----a-w- c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\symnets.sys
2012-08-20 11:18:09 759416 ----a-w- c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\SymEFA.sys
2012-08-20 11:18:09 137336 ----a-w- c:\windows\system32\drivers\sep\0c01044d\0191.105\x86\Ironx86.sys
2012-08-20 11:18:07 51632 ----a-w- c:\windows\system32\drivers\Teefer.sys
2009-10-16 11:08:56 36336 ----a-r- c:\program files\lfbmp13n.dll
2009-10-16 11:08:26 1946264 ----a-r- c:\program files\stengine.dll
2009-10-16 11:08:26 1358488 ----a-r- c:\program files\stax.exe
2009-10-16 11:08:26 1208984 ----a-r- c:\program files\stax.dll
2009-10-16 11:08:22 156312 ----a-r- c:\program files\mvmcc.dll
2009-10-16 11:08:18 201368 ----a-r- c:\program files\dwmemman.dll
2009-10-16 11:08:18 1507992 ----a-r- c:\program files\dwwin.dll
2009-05-30 00:02:30 219632 ----a-w- c:\program files\SonicHDDemuxer.dll
2002-01-05 01:37:28 344064 ----a-w- c:\program files\msvcr70.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: ST9250410AS rev.0006HPM1 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: >>UNKNOWN [0x8321D000]<< >>UNKNOWN [0x8C203000]<< >>UNKNOWN [0x8CF95000]<< >>UNKNOWN [0x8CF5A000]<< >>UNKNOWN [0x83630000]<< >>UNKNOWN [0x8C357000]<< >>UNKNOWN [0x8C007000]<< >>UNKNOWN [0x8C3DA000]<< >>UNKNOWN [0x8C17C000]<< >>UNKNOWN [0x8C1A0000]<< >>UNKNOWN [0x8CF63000]<< >>UNKNOWN [0x8CF1D000]<< >>UNKNOWN [0x8D18E000]<< >>UNKNOWN [0x8CC10000]<< >>UNKNOWN [0x8CA32000]<< >>UNKNOWN [0x8CABD000]<<
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x83253BC5] -> \Device\Harddisk0\DR0[0x87334A00]
\Driver\Disk[0x87331170] -> IRP_MJ_CREATE -> 0x8C20739F
3 [0x8C20759E] -> ntkrnlpa!IofCallDriver[0x83253BC5] -> [0x873332D0]
\Driver\hpdskflt[0x872DEA68] -> IRP_MJ_CREATE -> 0x8CF5BFB0
5 [0x8CF5C090] -> ntkrnlpa!IofCallDriver[0x83253BC5] -> \Device\Ide\IdeDeviceP0T0L0-0[0x87163030]
\Driver\atapi[0x87156750] -> IRP_MJ_CREATE -> 0x8C3718CC
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 15:25:31,50 ===============

EvelineGirl
26 October 2012, 16:23
Adwcleaner has already cleaned up a lot.

Download TDSSKStarter (http://home.kpn.nl/stefsmeenk/Tools/TDSSKStarter.exe) to the desktop.

Using "TDSSKStarter.exe":


First close all program windows that are still open!
Disable your antivirus and antispyware programs; they may conflict with TDSSKStarter.exe
(you can read how to do that here (http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608) or here (http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607)).


Windows 2000 and Windows XP: start the tool by double-clicking "TDSSKStarter.exe".
Windows Vista and Windows 7: start the tool by right-clicking "TDSSKStarter.exe" and then choosing Run as administrator.


A CMD window will then open, and it will close again automatically when the scan is finished.
Now post the contents of the Notepad file that opens in your next message.

RobinS
27 October 2012, 12:11
There we go, here is what was requested :)

12:09:46.0840 5652 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
12:09:46.0840 5652 ============================================================
12:09:46.0840 5652 Current date / time: 2012/10/27 12:09:46.0840
12:09:46.0840 5652 SystemInfo:
12:09:46.0840 5652
12:09:46.0840 5652 OS Version: 6.1.7601 ServicePack: 1.0
12:09:46.0840 5652 Product type: Workstation
12:09:46.0840 5652 ComputerName: WINPHL-U3ZDE7SI
12:09:46.0840 5652 UserName: 3030319
12:09:46.0840 5652 Windows directory: C:\Windows
12:09:46.0840 5652 System windows directory: C:\Windows
12:09:46.0840 5652 Processor architecture: Intel x86
12:09:46.0840 5652 Number of processors: 4
12:09:46.0840 5652 Page size: 0x1000
12:09:46.0840 5652 Boot type: Normal boot
12:09:46.0840 5652 ============================================================
12:09:53.0907 5652 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:09:53.0907 5652 ============================================================
12:09:53.0907 5652 \Device\Harddisk0\DR0:
12:09:53.0923 5652 MBR partitions:
12:09:53.0923 5652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32800
12:09:53.0923 5652 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0xC351800
12:09:53.0923 5652 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC384800, BlocksNum 0x10A3F800
12:09:53.0923 5652 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1CDC4000, BlocksNum 0x401170
12:09:53.0923 5652 ============================================================
12:09:53.0954 5652 C: <-> \Device\Harddisk0\DR0\Partition2
12:09:54.0001 5652 D: <-> \Device\Harddisk0\DR0\Partition3
12:09:54.0141 5652 E: <-> \Device\Harddisk0\DR0\Partition4
12:09:54.0141 5652 ============================================================
12:09:54.0141 5652 Initialize success
12:09:54.0141 5652 ============================================================
12:09:54.0204 1820 ============================================================
12:09:54.0204 1820 Scan started
12:09:54.0204 1820 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
12:09:54.0204 1820 ============================================================
12:09:59.0414 1820 ================ Scan system memory ========================
12:09:59.0414 1820 ================ Scan services =============================
12:09:59.0695 1820 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:09:59.0929 1820 [ E2346D37CE60F2D928857EE33D04CBDF ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
12:10:00.0116 1820 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:10:00.0381 1820 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:10:00.0725 1820 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:10:01.0099 1820 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:10:01.0255 1820 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:10:01.0427 1820 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:10:01.0645 1820 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:10:01.0817 1820 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:10:02.0909 1820 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
12:10:03.0018 1820 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
12:10:03.0330 1820 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
12:10:04.0141 1820 [ 7560F465F1CE69C53BF17559EE195548 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
12:10:04.0344 1820 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
12:10:04.0500 1820 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
12:10:04.0640 1820 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
12:10:04.0952 1820 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
12:10:05.0295 1820 [ F7E6535BD3E3CB4ED4D27CF13DAEE487 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:10:05.0483 1820 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:10:05.0670 1820 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
12:10:05.0919 1820 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:10:05.0982 1820 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:10:06.0169 1820 [ E7F4D42D8076EC60E21715CD11743A0D ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:10:06.0247 1820 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:10:06.0278 1820 [ 146459D2B08BFDCBFA856D9947043C81 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:10:06.0356 1820 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
12:10:06.0684 1820 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:10:07.0089 1820 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
12:10:07.0214 1820 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
12:10:07.0292 1820 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:10:07.0401 1820 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:10:08.0197 1820 [ 39CDCB109BF200CC8A05B9C7E6272D11 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:10:08.0525 1820 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:10:08.0727 1820 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
12:10:09.0039 1820 [ 5371FF39AB5C496AC609F9DAD755D778 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
12:10:10.0163 1820 [ 09CCC39D6F8D2F7ED6DFAE9ACE03EBDF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:10:10.0677 1820 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:10:10.0865 1820 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:10:11.0036 1820 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:10:11.0114 1820 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
12:10:11.0192 1820 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:10:11.0333 1820 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
12:10:11.0457 1820 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
12:10:11.0567 1820 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
12:10:11.0894 1820 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
12:10:12.0536 1820 [ 684B12018A54ADC1F856372EC5762B48 ] BHDrvx86 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\BASH Defs\20121005.012\BHDrvx86.sys
12:10:12.0661 1820 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
12:10:12.0745 1820 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:10:12.0970 1820 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:10:13.0052 1820 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:10:13.0126 1820 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:10:13.0344 1820 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
12:10:13.0710 1820 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:10:13.0781 1820 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:10:13.0881 1820 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:10:13.0957 1820 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:10:14.0068 1820 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:10:14.0144 1820 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:10:14.0213 1820 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:10:14.0281 1820 [ C2FBF6D271D9A94D839C416BF186EAD9 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:10:14.0357 1820 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
12:10:14.0419 1820 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:10:14.0497 1820 [ 7E826BE3B3558208D5C9B00034E51BE5 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
12:10:14.0572 1820 [ AF9148C3E844131AC954CB53FF43D971 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
12:10:14.0668 1820 [ E2ACED92A998E339DC5964C94E3DDB55 ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:10:14.0744 1820 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
12:10:14.0772 1820 [ 480B3D195854B2E55299CDDDDC50BCF9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
12:10:14.0835 1820 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:10:14.0949 1820 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:10:15.0040 1820 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
12:10:15.0130 1820 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:10:15.0198 1820 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
12:10:15.0277 1820 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
12:10:15.0387 1820 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe
12:10:15.0448 1820 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:10:15.0537 1820 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:10:15.0631 1820 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
12:10:15.0776 1820 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
12:10:15.0838 1820 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:10:15.0905 1820 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:10:16.0048 1820 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:10:16.0131 1820 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:10:16.0198 1820 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
12:10:16.0281 1820 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
12:10:16.0398 1820 [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
12:10:16.0509 1820 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:10:16.0649 1820 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
12:10:16.0758 1820 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:10:16.0883 1820 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:10:17.0008 1820 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
12:10:17.0117 1820 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:10:17.0179 1820 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:10:17.0257 1820 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
12:10:17.0335 1820 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
12:10:17.0429 1820 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:10:17.0523 1820 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:10:17.0616 1820 [ 3D042B4C6FDDE698A3D6BD0B6191C92F ] e1kexpress C:\Windows\system32\DRIVERS\e1k6232.sys
12:10:17.0710 1820 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
12:10:17.0913 1820 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
12:10:18.0209 1820 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:10:18.0271 1820 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
12:10:18.0396 1820 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:10:18.0490 1820 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
12:10:18.0646 1820 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:10:18.0755 1820 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:10:18.0802 1820 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:10:18.0927 1820 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
12:10:19.0005 1820 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
12:10:19.0083 1820 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:10:19.0161 1820 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
12:10:19.0192 1820 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:10:19.0239 1820 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
12:10:19.0332 1820 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
12:10:19.0379 1820 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:10:19.0395 1820 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:10:19.0457 1820 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:10:19.0519 1820 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:10:19.0597 1820 [ FA6C66E4364D7DA57AADE5DCC03BB999 ] FontCache C:\Windows\system32\FntCache.dll
12:10:19.0753 1820 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe
12:10:19.0816 1820 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:10:19.0878 1820 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:10:19.0956 1820 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:10:20.0034 1820 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:10:20.0112 1820 [ 4AC51459805264AFFD5F6FDFB9D9235F ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:10:20.0159 1820 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
12:10:20.0362 1820 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:10:20.0393 1820 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:10:20.0455 1820 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:10:20.0580 1820 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:10:20.0658 1820 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:10:20.0705 1820 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI C:\Windows\system32\DRIVERS\HECI.sys
12:10:20.0736 1820 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:10:20.0799 1820 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:10:20.0877 1820 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:10:20.0923 1820 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
12:10:21.0017 1820 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:10:21.0079 1820 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:10:21.0204 1820 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:10:21.0282 1820 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:10:21.0391 1820 [ 47810BF7BF4480A602621E341BF46586 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
12:10:21.0438 1820 [ 20C3DE306E40CA433581E0DB4578546E ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
12:10:21.0485 1820 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:10:21.0625 1820 [ 640E51DB253265C3EAC075866B3D2B33 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
12:10:21.0735 1820 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:10:21.0797 1820 [ 8012920E97A0ED95E7E6D603BF4C0118 ] hpsrv C:\Windows\system32\Hpservice.exe
12:10:21.0875 1820 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:10:21.0937 1820 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:10:22.0000 1820 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:10:22.0047 1820 [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:10:22.0156 1820 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:10:22.0171 1820 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:10:22.0171 1820 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:10:24.0184 1820 [ 17203D81A68D9162DB9022A1FC601778 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:10:24.0184 1820 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:10:24.0184 1820 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:10:41.0214 1820 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
12:10:41.0308 1820 [ AD989072596AB313D7FA13BCF69573F7 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
12:10:41.0355 1820 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:10:41.0386 1820 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:10:41.0417 1820 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
12:10:41.0495 1820 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:10:41.0636 1820 [ 843F3603C32667D1C25B2D97D24343A5 ] SyDvCtrl C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\SyDvCtrl32.sys
12:10:41.0682 1820 [ 4F52D56310FEF75249914F352DDE7D13 ] SymDS C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\SYMDS.SYS
12:10:41.0745 1820 [ 04F7A78ACE126C46CACA0573668BF08D ] SymEFA C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\SYMEFA.SYS
12:10:41.0854 1820 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
12:10:41.0916 1820 [ 7450A24AFBC9B0804D0A987204FFC0F8 ] SymIRON C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\Ironx86.SYS
12:10:41.0963 1820 [ 5A757DBA1515F270E8659225A8C8E224 ] SYMNETS C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\SYMNETS.SYS
12:10:42.0072 1820 [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:10:42.0260 1820 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
12:10:42.0416 1820 [ C04B0B5D53F8BEF89406E9C0F97FCFB7 ] SysPlant C:\Windows\system32\Drivers\SysPlant.sys
12:10:42.0478 1820 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:10:42.0587 1820 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
12:10:42.0665 1820 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:10:42.0759 1820 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:10:42.0884 1820 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:10:42.0946 1820 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:10:42.0993 1820 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:10:43.0071 1820 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:10:43.0118 1820 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:10:43.0242 1820 [ 438A8CA953BDC64AF68AA9C5E9624ED6 ] Teefer2 C:\Windows\system32\DRIVERS\Teefer.sys
12:10:43.0289 1820 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:10:43.0352 1820 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
12:10:43.0445 1820 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:10:43.0492 1820 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:10:43.0586 1820 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
12:10:43.0648 1820 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:10:43.0773 1820 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:10:43.0835 1820 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:10:43.0882 1820 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:10:43.0976 1820 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:10:44.0069 1820 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:10:44.0100 1820 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:10:44.0225 1820 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:10:44.0334 1820 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:10:44.0397 1820 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
12:10:44.0459 1820 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:10:44.0522 1820 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
12:10:44.0693 1820 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:10:44.0802 1820 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:10:44.0880 1820 [ 7E72E7D7E0757D59481D530FD2B0BFAE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:10:44.0912 1820 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:10:44.0974 1820 [ CFBCE999C057D78979A181C9C60F208E ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:10:45.0036 1820 [ 9D22AAD9AC6A07C691A1113E5F860868 ] usbhub C:\Windows\system32\drivers\usbhub.sys
12:10:45.0083 1820 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:10:45.0114 1820 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:10:45.0177 1820 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:10:45.0239 1820 [ BF63EBFC6979FEFB2BC03DF7989A0C1A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:10:45.0302 1820 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:10:45.0348 1820 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:10:45.0395 1820 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
12:10:45.0473 1820 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
12:10:45.0551 1820 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:10:45.0598 1820 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
12:10:45.0692 1820 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:10:45.0738 1820 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:10:45.0816 1820 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:10:45.0863 1820 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:10:45.0879 1820 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
12:10:45.0926 1820 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
12:10:45.0972 1820 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:10:46.0035 1820 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:10:46.0097 1820 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:10:46.0144 1820 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:10:46.0191 1820 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:10:46.0222 1820 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:10:46.0284 1820 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
12:10:46.0394 1820 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:10:46.0425 1820 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:10:46.0487 1820 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:10:46.0565 1820 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
12:10:46.0643 1820 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:10:46.0706 1820 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:10:46.0768 1820 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:10:46.0877 1820 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:10:47.0002 1820 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
12:10:47.0111 1820 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:10:47.0189 1820 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:10:47.0267 1820 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:10:47.0314 1820 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:10:47.0408 1820 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:10:47.0501 1820 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:10:47.0564 1820 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:10:47.0642 1820 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
12:10:47.0735 1820 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:10:47.0798 1820 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:10:47.0891 1820 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
12:10:47.0938 1820 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:10:48.0000 1820 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:10:48.0094 1820 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:10:48.0468 1820 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:10:48.0593 1820 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
12:10:48.0718 1820 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:10:48.0780 1820 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:10:48.0905 1820 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:10:49.0061 1820 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:10:49.0139 1820 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:10:49.0295 1820 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:10:49.0389 1820 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:10:49.0467 1820 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:10:49.0545 1820 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:10:49.0623 1820 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
12:10:49.0779 1820 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:10:49.0888 1820 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:10:49.0982 1820 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:10:50.0075 1820 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:10:50.0200 1820 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:10:50.0294 1820 [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
12:10:50.0340 1820 ================ Scan global ===============================
12:10:50.0387 1820 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:10:50.0434 1820 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
12:10:50.0450 1820 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
12:10:50.0496 1820 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:10:50.0512 1820 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:10:50.0512 1820 ================ Scan MBR ==================================
12:10:50.0528 1820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:10:52.0103 1820 ================ Scan VBR ==================================
12:10:52.0103 1820 [ C02F5637B64A4BB8DEB93DBF297D3795 ] \Device\Harddisk0\DR0\Partition1
12:10:52.0134 1820 [ 9D2BFF9A78C8DE2D2F8EBD73A4C9F477 ] \Device\Harddisk0\DR0\Partition2
12:10:52.0150 1820 [ B9107A5FA281496C84A2082E410CD94B ] \Device\Harddisk0\DR0\Partition3
12:10:52.0197 1820 [ 3636C47AF21A715C0D1F4C93DB2C6FFE ] \Device\Harddisk0\DR0\Partition4
12:10:52.0212 1820 ================ Scan UEFI extensions ======================
12:10:52.0212 1820 ================ Scan active images ========================
12:10:52.0212 1820 ============================================================
12:10:52.0212 1820 Scan finished
12:10:52.0212 1820 ============================================================
12:10:53.0086 6096 Deinitialize success
.
==============================================
System Restore Point Check:
.
==============================================
Registry Export
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
==============================================
EOF

EvelineGirl
29 October 2012, 08:50
Hi,

Let's take a deeper look.

1.
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.infospyware.net/antimalware/combofix/)

* IMPORTANT !!! Save ComboFix.exe to your Desktop.
>>Here<< (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can read how ComboFix should be used.
1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.
* (here (http://www.bleepingcomputer.com/forums/topic114351.html) or here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html) is a guide on how to disable them:)
2. The computer may have to be restarted several times; this is normal.
3. Double-click "Combofix.exe" to start the tool.
4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.
* Note !!! If an error is shown with the message "Er is geprobeert een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering" or "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.
5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt or c:/combofix/combofix.txt) in your next post.


2.
Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) to the desktop.


Double-click "aswMBR.exe" to start the tool.
On the next screen, click "Yes" to download the latest Avast virus definitions.

http://www.imgdumper.nl/uploads6/5062f208d7d89/5062f208d71d0-aswmbr1.png
Now click the "Scan" button; a quick scan of the system drive will also be performed.
When the scan is finished, click the "Save log" button.
http://www.imgdumper.nl/uploads6/5062f6a4d8c7a/5062f6a4d59ad-aswmbr2.png
Post this log file in your next post.

RobinS
29 October 2012, 10:52
There you go :)

ComboFix 12-10-29.01 - 3030319 29/10/2012 9:34.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3055.1628 [GMT 1:00]
Gestart vanuit: d:\users\3030319\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Symantec Endpoint Protection *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Symantec Endpoint Protection *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\C43D949B02.sys
c:\programdata\F76C21CEA0.sys
c:\programdata\Roaming
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
d:\users\3030319\AppData\Local\Microsoft\Windows\Temporary Internet Files\{530BBE2F-F919-4DBF-9298-63A7DF5DB37C}.xps
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-29 ))))))))))))))))))))))))))))))
.
.
2012-10-27 10:09 . 2012-10-27 10:09 -------- d-----w- C:\TDSSStarter
2012-10-26 07:26 . 2012-10-26 07:37 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2012-10-22 15:10 . 2012-10-22 15:10 -------- d-----w- c:\program files\Common Files\Java
2012-10-11 06:53 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-11 06:52 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-11 06:52 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-11 06:52 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-11 06:52 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-11 06:52 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-11 06:52 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-01 19:12 . 2012-10-29 08:25 -------- d-----r- d:\users\3030319\Dropbox
2012-10-01 19:08 . 2012-10-29 08:25 -------- d-----w- d:\users\3030319\AppData\Roaming\Dropbox
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 20:06 . 2012-03-29 13:48 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 20:06 . 2011-06-07 06:16 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-29 17:54 . 2012-09-24 07:00 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 13:32 . 2012-09-04 10:27 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 13:32 . 2011-01-28 13:52 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-24 16:57 . 2012-09-24 06:45 981504 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 15:20 . 2012-09-24 06:45 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16 . 2012-09-17 06:54 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-17 06:54 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-17 06:54 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 15:06 . 2011-11-24 15:19 76208 ----a-w- c:\windows\system32\FwsVpn.dll
2012-08-20 15:06 . 2011-11-24 15:19 380848 ----a-w- c:\windows\system32\sysfer.dll
2012-08-20 15:06 . 2011-11-24 15:19 32208 ----a-w- c:\windows\system32\drivers\WGX.SYS
2012-08-20 15:06 . 2011-11-24 15:19 241584 ----a-w- c:\windows\system32\SymVPN.dll
2012-08-20 15:06 . 2011-11-24 15:19 10672 ----a-w- c:\windows\system32\sysferThunk.dll
2012-08-20 15:06 . 2011-11-24 15:19 92080 ----a-w- c:\windows\system32\drivers\SysPlant.sys
2012-08-20 11:20 . 2011-11-24 15:20 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-08-20 11:18 . 2012-08-20 11:18 522872 ----a-w- c:\windows\system32\drivers\SEP\0C01044D\0191.105\x86\srtsp.sys
2012-08-20 11:18 . 2012-08-20 11:18 31864 ----a-w- c:\windows\system32\drivers\SEP\0C01044D\0191.105\x86\srtspx.sys
2012-08-20 11:18 . 2012-08-20 11:18 299640 ----a-w- c:\windows\system32\drivers\SEP\0C01044D\0191.105\x86\symnets.sys
2012-08-20 11:18 . 2012-08-20 11:18 759416 ----a-w- c:\windows\system32\drivers\SEP\0C01044D\0191.105\x86\SymEFA.sys
2012-08-20 11:18 . 2012-08-20 11:18 137336 ----a-w- c:\windows\system32\drivers\SEP\0C01044D\0191.105\x86\Ironx86.sys
2012-08-20 11:18 . 2012-08-20 11:18 51632 ----a-w- c:\windows\system32\drivers\Teefer.sys
2009-10-16 11:09 . 2009-10-16 11:09 41968 ----a-r- c:\program files\lttwn13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 110576 ----a-r- c:\program files\lttw213n.dll
2009-10-16 11:09 . 2009-10-16 11:09 423408 ----a-r- c:\program files\ltkrn13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 316912 ----a-r- c:\program files\ltimg13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 143344 ----a-r- c:\program files\ltfil13n.DLL
2009-10-16 11:09 . 2009-10-16 11:09 211952 ----a-r- c:\program files\ltefx13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 262128 ----a-r- c:\program files\LTDIS13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 1690096 ----a-r- c:\program files\LTCLR13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 55792 ----a-r- c:\program files\Lfwmf13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 134640 ----a-r- c:\program files\lftif13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 156656 ----a-r- c:\program files\Lfpng13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 32752 ----a-r- c:\program files\lfpcx13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 79856 ----a-r- c:\program files\lffax13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 44528 ----a-r- c:\program files\lfeps13n.dll
2009-10-16 11:09 . 2009-10-16 11:09 348144 ----a-r- c:\program files\LFCMP13n.DLL
2009-10-16 11:08 . 2009-10-16 11:08 36336 ----a-r- c:\program files\lfbmp13n.dll
2009-10-16 11:08 . 2009-10-16 11:08 1946264 ----a-r- c:\program files\stengine.dll
2009-10-16 11:08 . 2009-10-16 11:08 1358488 ----a-r- c:\program files\stax.exe
2009-10-16 11:08 . 2009-10-16 11:08 1208984 ----a-r- c:\program files\stax.dll
2009-10-16 11:08 . 2009-10-16 11:08 156312 ----a-r- c:\program files\mvmcc.dll
2009-10-16 11:08 . 2009-10-16 11:08 201368 ----a-r- c:\program files\dwmemman.dll
2009-10-16 11:08 . 2009-10-16 11:08 1507992 ----a-r- c:\program files\dwwin.dll
2009-05-30 00:02 . 2009-05-30 00:02 219632 ----a-w- c:\program files\SonicHDDemuxer.dll
2002-01-05 01:37 . 2002-01-05 01:37 344064 ----a-w- c:\program files\msvcr70.dll
2010-10-12 15:33 . 2010-10-12 15:33 124344 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2010-10-12 17:15 . 2010-10-12 17:15 13240 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2010-10-12 15:37 . 2010-10-12 15:37 70592 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2010-10-12 15:35 . 2010-10-12 15:35 91576 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2010-10-12 15:34 . 2010-10-12 15:34 22464 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2010-10-12 15:32 . 2010-10-12 15:32 255416 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2010-10-12 15:35 . 2010-10-12 15:35 31672 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2010-10-12 15:34 . 2010-10-12 15:34 40384 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2010-07-14 11:42 . 2010-07-14 11:42 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2010-10-12 15:37 . 2010-10-12 15:37 24000 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2011-11-10 12:12 . 2011-03-23 09:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- d:\users\3030319\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- d:\users\3030319\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- d:\users\3030319\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-23 8192]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-06-16 495708]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
.
d:\users\3030319\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - d:\users\3030319\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-8-27 26924984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Online plug-in.lnk - c:\windows\Installer\{0F1F7A90-E71B-4E45-A066-2891619F22E1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2011-11-8 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\D:^users^3030319^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=d:\users\3030319\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\D:^users^3030319^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
path=d:\users\3030319\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
backup=c:\windows\pss\Facebook Messenger.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 06:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BIBLauncher]
2012-02-06 15:32 913888 ----a-w- c:\program files\Business-in-a-Box\BIBLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
2012-05-25 16:26 6379888 ----a-w- c:\program files\BitTorrent\BitTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 12:37 138096 ----atw- d:\users\3030319\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x]
R3 SyDvCtrl;SyDvCtrl;c:\program files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\SyDvCtrl32.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\Drivers\SEP\0C01044D\0191.105\x86\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\Drivers\SEP\0C01044D\0191.105\x86\SYMEFA.SYS [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\BASHDefs\20121005.012\BHDrvx86.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\IPSDefs\20121027.001\IDSvix86.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\Drivers\SEP\0C01044D\0191.105\x86\Ironx86.SYS [x]
S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\Drivers\SEP\0C01044D\0191.105\x86\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [x]
S2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [x]
S2 SepMasterService;Symantec Endpoint Protection;c:\program files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-04-22 11:09 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-10-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 20:06]
.
2012-10-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1123561945-484061587-1801674531-84934Core.job
- d:\users\3030319\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 12:37]
.
2012-10-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1123561945-484061587-1801674531-84934UA.job
- d:\users\3030319\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 12:37]
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 10:00]
.
2012-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 10:00]
.
2012-10-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-484061587-1801674531-84934Core.job
- d:\users\3030319\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-24 11:08]
.
2012-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-484061587-1801674531-84934UA.job
- d:\users\3030319\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-24 11:08]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.phl.be
uInternet Settings,ProxyServer = proxy.phl.be:8080
uInternet Settings,ProxyOverride = 172.16.*;192.168.*;*.phl.be;*.phlimburg.be;<local>
IE: &Verzenden naar OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - d:\users\3030319\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - d:\users\3030319\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - d:\users\3030319\AppData\Roaming\Mozilla\Firefox\Profiles\4mxmkcht.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ig
FF - prefs.js: network.proxy.ftp - proxy.phl.be
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy.phl.be
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy.phl.be
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy.phl.be
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy.phl.be
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 2
FF - ExtSQL: 2012-09-04 12:27; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-22 17:10; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - ORPHANS VERWIJDERD - - - -
.
Notify-SEP - c:\program files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\WinLogoutNotifier.dll
MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSConfigStartUp-Spotify - d:\users\3030319\AppData\Roaming\Spotify\Spotify.exe
MSConfigStartUp-VoipBuster - c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SepMasterService]
"ImagePath"="\"c:\program files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe\" /s \"Symantec Endpoint Protection\" /m \"c:\program files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\sms.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SmcService]
"ImagePath"="\"c:\program files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\Smc.exe\" /prefetch:1"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1123561945-484061587-1801674531-84934\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* %ó*Õ*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1123561945-484061587-1801674531-84934\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* %ó*Õ*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-10-29 09:47:09
ComboFix-quarantined-files.txt 2012-10-29 08:47
.
Pre-Run: 40.438.808.576 bytes beschikbaar
Post-Run: 40.876.679.168 bytes beschikbaar
.
- - End Of File - - 4DD2467AF6DB7BBCA92A14D4409AF496




aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-29 09:50:25
-----------------------------
09:50:25.038 OS Version: Windows 6.1.7601 Service Pack 1
09:50:25.038 Number of processors: 4 586 0x2505
09:50:25.039 ComputerName: WINPHL-U3ZDE7SI UserName: 3030319
09:50:27.875 Initialize success
09:51:07.037 AVAST engine defs: 12102801
09:51:22.447 The log file has been saved successfully to "D:\users\3030319\Desktop\aswMBR.txt"

RobinS
29 October 2012, 11:11
The aswMBR log above is not complete. I clicked save log too early :eek:

During a new scan, I got a message while it was scanning that aswMBR was no longer working correctly and was being shut down? :(

To be precise, here is the exact message ;)

"avast! Antirootkit werkt niet meer"

EvelineGirl
29 October 2012, 13:11
Delete it, then download it again and try once more.

RobinS
29 October 2012, 17:09
Unfortunately it still gives the same message.

EvelineGirl
29 October 2012, 20:40
Then we'll try it a different way.
Please read these instructions carefully. If you are not sure what you are doing, set the action to 'Skip' and ask first.

Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.exe) and save it to your desktop.

Before you run TDSSKiller, it is advisable to consult the TDSSKiller guide below.

Click here for the Kaspersky TDSSKiller guide (http://antimalwaresoftware.nl/handleidingen/handleiding-tdsskiller/)

Extract the files in tdsskiller.zip.
Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
Note!!! Windows Vista & 7 users must run TDSSKiller as administrator: right-click, "Run as".
If TDSSKiller finds an update, click the "Load update" button.
http://www.malwareinfo.nl/files/screens/TDSSkiller(update).jpg
A new version of TDSSKiller will now be downloaded; save it to the desktop.
Now start TDSSKiller again.
Click "Change parameters" and make sure that all of the options below are checked.
http://www.malwareinfo.nl/files/screens/TDSSkiller(opties).jpg
Click the "Start Scan" button and follow the instructions.

Never use the "Delete" option for a "Fail signature" message.

When the scan has finished, click the "Report" button.
Select the contents (log) and paste them into your next post.

If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

Note!
If "Threats" are found, a follow-up screen appears automatically after the scan.

For a "Fail signature" message you do not need to take any action. (Use Skip.)
For a "Suspicious object", Skip is filled in by default. Leave this action as it is.

For a "Malicious object", the action Cure or Delete is filled in automatically.
Always choose Cure here. If that is not possible, select Skip.
Only for a "TDSS File System" do you choose Delete if Cure is not possible.

If you do not know what to fill in, use Skip and then ask on the forum what is best to do.

RobinS
31 October 2012, 21:51
20:47:58.0372 5376 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:47:59.0402 5376 ============================================================
20:47:59.0402 5376 Current date / time: 2012/10/31 20:47:59.0402
20:47:59.0402 5376 SystemInfo:
20:47:59.0402 5376
20:47:59.0402 5376 OS Version: 6.1.7601 ServicePack: 1.0
20:47:59.0402 5376 Product type: Workstation
20:47:59.0402 5376 ComputerName: WINPHL-U3ZDE7SI
20:47:59.0402 5376 UserName: 3030319
20:47:59.0402 5376 Windows directory: C:\Windows
20:47:59.0402 5376 System windows directory: C:\Windows
20:47:59.0402 5376 Processor architecture: Intel x86
20:47:59.0402 5376 Number of processors: 4
20:47:59.0402 5376 Page size: 0x1000
20:47:59.0402 5376 Boot type: Normal boot
20:47:59.0402 5376 ============================================================
20:48:00.0946 5376 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:48:00.0946 5376 ============================================================
20:48:00.0946 5376 \Device\Harddisk0\DR0:
20:48:00.0946 5376 MBR partitions:
20:48:00.0946 5376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32800
20:48:00.0946 5376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0xC351800
20:48:00.0946 5376 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC384800, BlocksNum 0x10A3F800
20:48:00.0946 5376 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1CDC4000, BlocksNum 0x401170
20:48:00.0946 5376 ============================================================
20:48:00.0962 5376 C: <-> \Device\Harddisk0\DR0\Partition2
20:48:00.0993 5376 D: <-> \Device\Harddisk0\DR0\Partition3
20:48:01.0024 5376 E: <-> \Device\Harddisk0\DR0\Partition4
20:48:01.0024 5376 ============================================================
20:48:01.0024 5376 Initialize success
20:48:01.0024 5376 ============================================================
20:48:27.0583 6124 ============================================================
20:48:27.0583 6124 Scan started
20:48:27.0583 6124 Mode: Manual; SigCheck; TDLFS;
20:48:27.0583 6124 ============================================================
20:48:28.0145 6124 ================ Scan system memory ========================
20:48:28.0145 6124 System memory - ok
20:48:28.0145 6124 ================ Scan services =============================
20:48:40.0406 6124 HidUsb - ok
20:48:40.0437 6124 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:48:40.0500 6124 hkmsvc - ok
20:48:40.0547 6124 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:48:40.0578 6124 HomeGroupListener - ok
20:48:40.0640 6124 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:48:40.0671 6124 HomeGroupProvider - ok
20:48:40.0734 6124 [ 47810BF7BF4480A602621E341BF46586 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
20:48:40.0749 6124 HP Wireless Assistant Service - ok
20:48:40.0781 6124 [ 20C3DE306E40CA433581E0DB4578546E ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
20:48:40.0796 6124 hpdskflt - ok
20:48:40.0827 6124 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
20:48:40.0859 6124 HpqKbFiltr - ok
20:48:40.0952 6124 [ 640E51DB253265C3EAC075866B3D2B33 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
20:48:40.0999 6124 hpqwmiex - ok
20:48:41.0046 6124 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:48:41.0077 6124 HpSAMD - ok
20:48:41.0093 6124 [ 8012920E97A0ED95E7E6D603BF4C0118 ] hpsrv C:\Windows\system32\Hpservice.exe
20:48:41.0108 6124 hpsrv - ok
20:48:41.0171 6124 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:48:41.0249 6124 HTTP - ok
20:48:41.0264 6124 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:48:41.0280 6124 hwpolicy - ok
20:48:41.0327 6124 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:48:41.0358 6124 i8042prt - ok
20:48:41.0373 6124 [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:48:41.0420 6124 iaStorV - ok
20:48:41.0483 6124 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:48:41.0498 6124 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:48:41.0498 6124 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:48:41.0561 6124 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:48:41.0607 6124 idsvc - ok
20:48:41.0732 6124 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\IPSDefs\20121030.002\IDSvix86.sys
20:48:41.0763 6124 IDSVix86 - ok
20:48:41.0795 6124 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:48:41.0826 6124 iirsp - ok
20:48:41.0888 6124 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
20:48:41.0966 6124 IKEEXT - ok
20:48:41.0982 6124 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
20:48:42.0013 6124 intelide - ok
20:48:42.0044 6124 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:48:42.0075 6124 intelppm - ok
20:48:42.0107 6124 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:48:42.0185 6124 IPBusEnum - ok
20:48:42.0216 6124 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:48:42.0278 6124 IpFilterDriver - ok
20:48:42.0325 6124 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:48:42.0403 6124 iphlpsvc - ok
20:48:42.0450 6124 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:48:42.0481 6124 IPMIDRV - ok
20:48:42.0481 6124 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:48:42.0559 6124 IPNAT - ok
20:48:42.0590 6124 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:48:42.0637 6124 IRENUM - ok
20:48:42.0668 6124 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:48:42.0699 6124 isapnp - ok
20:48:42.0731 6124 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:48:42.0762 6124 iScsiPrt - ok
20:48:42.0809 6124 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:48:42.0840 6124 IviRegMgr - ok
20:48:42.0840 6124 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:48:42.0871 6124 kbdclass - ok
20:48:42.0887 6124 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:48:42.0918 6124 kbdhid - ok
20:48:42.0933 6124 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
20:48:42.0965 6124 KeyIso - ok
20:48:42.0996 6124 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:48:43.0027 6124 KSecDD - ok
20:48:43.0058 6124 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:48:43.0089 6124 KSecPkg - ok
20:48:43.0121 6124 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
20:48:43.0199 6124 KtmRm - ok
20:48:43.0245 6124 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
20:48:43.0308 6124 LanmanServer - ok
20:48:43.0355 6124 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:48:43.0417 6124 LanmanWorkstation - ok
20:48:43.0464 6124 [ 17203D81A68D9162DB9022A1FC601778 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:48:43.0479 6124 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:48:43.0479 6124 LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:48:43.0526 6124 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:48:43.0589 6124 lltdio - ok
20:48:43.0620 6124 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:48:43.0698 6124 lltdsvc - ok
20:48:43.0713 6124 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
20:48:43.0776 6124 lmhosts - ok
20:48:43.0869 6124 [ BB4E55778D8DE3885E1CDAC795DE7BCE ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:48:43.0901 6124 LMS - ok
20:48:43.0916 6124 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:48:43.0947 6124 LSI_FC - ok
20:48:43.0979 6124 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:48:44.0010 6124 LSI_SAS - ok
20:48:44.0025 6124 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:48:44.0057 6124 LSI_SAS2 - ok
20:48:44.0103 6124 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:48:44.0135 6124 LSI_SCSI - ok
20:48:44.0166 6124 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
20:48:44.0244 6124 luafv - ok
20:48:44.0275 6124 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:48:44.0306 6124 Mcx2Svc - ok
20:48:44.0322 6124 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:48:44.0353 6124 megasas - ok
20:48:44.0369 6124 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:48:44.0400 6124 MegaSR - ok
20:48:44.0478 6124 Microsoft SharePoint Workspace Audit Service - ok
20:48:44.0509 6124 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
20:48:44.0571 6124 MMCSS - ok
20:48:44.0618 6124 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
20:48:44.0681 6124 Modem - ok
20:48:44.0727 6124 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:48:44.0759 6124 monitor - ok
20:48:44.0805 6124 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:48:44.0821 6124 mouclass - ok
20:48:44.0852 6124 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:48:44.0883 6124 mouhid - ok
20:48:44.0930 6124 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:48:44.0946 6124 mountmgr - ok
20:48:44.0961 6124 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
20:48:44.0993 6124 mpio - ok
20:48:45.0008 6124 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:48:45.0071 6124 mpsdrv - ok
20:48:45.0117 6124 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:48:45.0195 6124 MpsSvc - ok
20:48:45.0242 6124 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:48:45.0289 6124 MRxDAV - ok
20:48:45.0336 6124 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:48:45.0367 6124 mrxsmb - ok
20:48:45.0383 6124 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:48:45.0429 6124 mrxsmb10 - ok
20:48:45.0429 6124 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:48:45.0461 6124 mrxsmb20 - ok
20:48:45.0507 6124 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
20:48:45.0523 6124 msahci - ok
20:48:45.0570 6124 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:48:45.0601 6124 msdsm - ok
20:48:45.0648 6124 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
20:48:45.0679 6124 MSDTC - ok
20:48:45.0726 6124 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:48:45.0804 6124 Msfs - ok
20:48:45.0804 6124 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:48:45.0882 6124 mshidkmdf - ok
20:48:45.0897 6124 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:48:45.0913 6124 msisadrv - ok
20:48:45.0960 6124 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:48:46.0022 6124 MSiSCSI - ok
20:48:46.0038 6124 msiserver - ok
20:48:46.0069 6124 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:48:46.0131 6124 MSKSSRV - ok
20:48:46.0147 6124 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:48:46.0209 6124 MSPCLOCK - ok
20:48:46.0209 6124 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:48:46.0272 6124 MSPQM - ok
20:48:46.0303 6124 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:48:46.0334 6124 MsRPC - ok
20:48:46.0365 6124 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:48:46.0397 6124 mssmbios - ok
20:48:46.0412 6124 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:48:46.0475 6124 MSTEE - ok
20:48:46.0506 6124 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:48:46.0537 6124 MTConfig - ok
20:48:46.0568 6124 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
20:48:46.0599 6124 Mup - ok
20:48:46.0646 6124 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
20:48:46.0724 6124 napagent - ok
20:48:46.0755 6124 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:48:46.0787 6124 NativeWifiP - ok
20:48:46.0880 6124 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20121031.004\NAVENG.SYS
20:48:46.0911 6124 NAVENG - ok
20:48:46.0958 6124 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20121031.004\NAVEX15.SYS
20:48:47.0036 6124 NAVEX15 - ok
20:48:47.0099 6124 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:48:47.0145 6124 NDIS - ok
20:48:47.0177 6124 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:48:47.0255 6124 NdisCap - ok
20:48:47.0270 6124 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:48:47.0333 6124 NdisTapi - ok
20:48:47.0364 6124 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:48:47.0426 6124 Ndisuio - ok
20:48:47.0442 6124 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:48:47.0520 6124 NdisWan - ok
20:48:47.0567 6124 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:48:47.0629 6124 NDProxy - ok
20:48:47.0629 6124 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:48:47.0707 6124 NetBIOS - ok
20:48:47.0738 6124 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:48:47.0801 6124 NetBT - ok
20:48:47.0816 6124 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:48:47.0847 6124 Netlogon - ok
20:48:47.0894 6124 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:48:47.0972 6124 Netman - ok
20:48:47.0988 6124 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:48:48.0097 6124 netprofm - ok
20:48:48.0113 6124 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:48:48.0144 6124 NetTcpPortSharing - ok
20:48:48.0331 6124 [ 3577B851E59DA59E6D65419A057C9914 ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
20:48:48.0518 6124 NETw5s32 - ok
20:48:48.0581 6124 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:48:48.0612 6124 nfrd960 - ok
20:48:48.0705 6124 [ 9BF72FCCCE641F76475A8B5320D22D60 ] NitroDriverReadSpool C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
20:48:48.0721 6124 NitroDriverReadSpool - ok
20:48:48.0768 6124 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:48:48.0830 6124 NlaSvc - ok
20:48:48.0877 6124 [ F01C0516A88FFC54D891475947B96A7A ] nlsX86cc C:\Windows\system32\NLSSRV32.EXE
20:48:48.0893 6124 nlsX86cc - ok
20:48:48.0939 6124 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:48:49.0002 6124 Npfs - ok
20:48:49.0033 6124 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:48:49.0095 6124 nsi - ok
20:48:49.0111 6124 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:48:49.0173 6124 nsiproxy - ok
20:48:49.0205 6124 [ 33C3093D09017CFE2E219F2472BFF6EB ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:48:49.0283 6124 Ntfs - ok
20:48:49.0298 6124 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:48:49.0361 6124 Null - ok
20:48:49.0407 6124 [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:48:49.0439 6124 nvraid - ok
20:48:49.0454 6124 [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:48:49.0485 6124 nvstor - ok
20:48:49.0517 6124 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:48:49.0548 6124 nv_agp - ok
20:48:49.0579 6124 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:48:49.0610 6124 ohci1394 - ok
20:48:49.0673 6124 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:48:49.0704 6124 ose - ok
20:48:49.0860 6124 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:48:50.0063 6124 osppsvc - ok
20:48:50.0109 6124 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:48:50.0156 6124 p2pimsvc - ok
20:48:50.0172 6124 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:48:50.0219 6124 p2psvc - ok
20:48:50.0250 6124 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:48:50.0281 6124 Parport - ok
20:48:50.0343 6124 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:48:50.0375 6124 partmgr - ok
20:48:50.0390 6124 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:48:50.0406 6124 Parvdm - ok
20:48:50.0437 6124 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:48:50.0468 6124 PcaSvc - ok
20:48:50.0515 6124 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:48:50.0546 6124 pci - ok
20:48:50.0577 6124 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:48:50.0609 6124 pciide - ok
20:48:50.0640 6124 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:48:50.0671 6124 pcmcia - ok
20:48:50.0718 6124 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:48:50.0749 6124 pcw - ok
20:48:50.0780 6124 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:48:50.0858 6124 PEAUTH - ok
20:48:50.0921 6124 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:48:50.0983 6124 PeerDistSvc - ok
20:48:51.0061 6124 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:48:51.0155 6124 pla - ok
20:48:51.0217 6124 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:48:51.0248 6124 PlugPlay - ok
20:48:51.0326 6124 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
20:48:51.0342 6124 PnkBstrA - ok
20:48:51.0373 6124 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:48:51.0404 6124 PNRPAutoReg - ok
20:48:51.0435 6124 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:48:51.0467 6124 PNRPsvc - ok
20:48:51.0513 6124 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:48:51.0576 6124 PolicyAgent - ok
20:48:51.0607 6124 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:48:51.0685 6124 Power - ok
20:48:51.0732 6124 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:48:51.0794 6124 PptpMiniport - ok
20:48:51.0810 6124 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:48:51.0841 6124 Processor - ok
20:48:51.0888 6124 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
20:48:51.0950 6124 ProfSvc - ok
20:48:51.0966 6124 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:48:51.0997 6124 ProtectedStorage - ok
20:48:52.0013 6124 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:48:52.0106 6124 Psched - ok
20:48:52.0169 6124 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:48:52.0200 6124 PSI_SVC_2 - ok
20:48:52.0247 6124 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
20:48:52.0262 6124 PxHelp20 - ok
20:48:52.0309 6124 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:48:52.0387 6124 ql2300 - ok
20:48:52.0403 6124 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:48:52.0434 6124 ql40xx - ok
20:48:52.0465 6124 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:48:52.0512 6124 QWAVE - ok
20:48:52.0559 6124 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:48:52.0590 6124 QWAVEdrv - ok
20:48:52.0605 6124 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:48:52.0668 6124 RasAcd - ok
20:48:52.0699 6124 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:48:52.0746 6124 RasAgileVpn - ok
20:48:52.0777 6124 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:48:52.0839 6124 RasAuto - ok
20:48:52.0855 6124 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:48:52.0917 6124 Rasl2tp - ok
20:48:52.0964 6124 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:48:53.0042 6124 RasMan - ok
20:48:53.0058 6124 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:48:53.0136 6124 RasPppoe - ok
20:48:53.0151 6124 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:48:53.0214 6124 RasSstp - ok
20:48:53.0261 6124 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:48:53.0323 6124 rdbss - ok
20:48:53.0339 6124 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:48:53.0385 6124 rdpbus - ok
20:48:53.0385 6124 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:48:53.0448 6124 RDPCDD - ok
20:48:53.0463 6124 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:48:53.0495 6124 RDPDR - ok
20:48:53.0526 6124 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:48:53.0588 6124 RDPENCDD - ok
20:48:53.0619 6124 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:48:53.0682 6124 RDPREFMP - ok
20:48:53.0760 6124 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:48:53.0791 6124 RdpVideoMiniport - ok
20:48:53.0822 6124 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:48:53.0853 6124 RDPWD - ok
20:48:53.0885 6124 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:48:53.0916 6124 rdyboost - ok
20:48:53.0978 6124 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
20:48:53.0994 6124 regi - ok
20:48:54.0041 6124 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:48:54.0103 6124 RemoteAccess - ok
20:48:54.0150 6124 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:48:54.0212 6124 RemoteRegistry - ok
20:48:54.0259 6124 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:48:54.0290 6124 RFCOMM - ok
20:48:54.0321 6124 [ DF672613FBBCD58C38BB0BC2694BCFB0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
20:48:54.0353 6124 rimmptsk - ok
20:48:54.0368 6124 [ E891F07815AF88075705EF6A248711F6 ] rimspci C:\Windows\system32\DRIVERS\rimspe86.sys
20:48:54.0399 6124 rimspci - ok
20:48:54.0431 6124 [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
20:48:54.0462 6124 rimsptsk - ok
20:48:54.0477 6124 [ D853D35F792A3A44726A794BF9A0BBC3 ] risdpcie C:\Windows\system32\DRIVERS\risdpe86.sys
20:48:54.0509 6124 risdpcie - ok
20:48:54.0587 6124 [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
20:48:54.0602 6124 rismxdp - ok
20:48:54.0665 6124 [ CF2DE2365FD99E5B8E38C9F3467DCDB8 ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe86.sys
20:48:54.0696 6124 rixdpcie - ok
20:48:54.0821 6124 [ 85F9924FB26D924C4A10DC620AE2C350 ] RoxMediaDB10 C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
20:48:54.0883 6124 RoxMediaDB10 - ok
20:48:54.0930 6124 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:48:55.0008 6124 RpcEptMapper - ok
20:48:55.0039 6124 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:48:55.0070 6124 RpcLocator - ok
20:48:55.0117 6124 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:48:55.0179 6124 RpcSs - ok
20:48:55.0226 6124 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:48:55.0304 6124 rspndr - ok
20:48:55.0335 6124 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:48:55.0367 6124 s3cap - ok
20:48:55.0398 6124 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:48:55.0429 6124 SamSs - ok
20:48:55.0460 6124 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:48:55.0491 6124 sbp2port - ok
20:48:55.0507 6124 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:48:55.0569 6124 SCardSvr - ok
20:48:55.0601 6124 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:48:55.0663 6124 scfilter - ok
20:48:55.0694 6124 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:48:55.0772 6124 Schedule - ok
20:48:55.0803 6124 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:48:55.0866 6124 SCPolicySvc - ok
20:48:55.0913 6124 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:48:55.0959 6124 sdbus - ok
20:48:55.0991 6124 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:48:56.0022 6124 SDRSVC - ok
20:48:56.0115 6124 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
20:48:56.0147 6124 SeaPort - ok
20:48:56.0193 6124 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:48:56.0256 6124 secdrv - ok
20:48:56.0287 6124 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:48:56.0365 6124 seclogon - ok
20:48:56.0365 6124 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
20:48:56.0443 6124 SENS - ok
20:48:56.0490 6124 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:48:56.0521 6124 SensrSvc - ok
20:48:56.0724 6124 [ 423624F5AEE2EA03250C2E79CEFF1A76 ] SepMasterService C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe
20:48:56.0755 6124 SepMasterService - ok
20:48:56.0771 6124 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:48:56.0802 6124 Serenum - ok
20:48:56.0817 6124 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:48:56.0849 6124 Serial - ok
20:48:56.0895 6124 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:48:56.0927 6124 sermouse - ok
20:48:56.0973 6124 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:48:57.0036 6124 SessionEnv - ok
20:48:57.0083 6124 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:48:57.0098 6124 sffdisk - ok
20:48:57.0129 6124 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:48:57.0145 6124 sffp_mmc - ok
20:48:57.0161 6124 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:48:57.0207 6124 sffp_sd - ok
20:48:57.0207 6124 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:48:57.0239 6124 sfloppy - ok
20:48:57.0301 6124 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:48:57.0363 6124 SharedAccess - ok
20:48:57.0410 6124 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:48:57.0488 6124 ShellHWDetection - ok
20:48:57.0519 6124 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:48:57.0551 6124 sisagp - ok
20:48:57.0613 6124 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:48:57.0644 6124 SiSRaid2 - ok
20:48:57.0660 6124 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:48:57.0691 6124 SiSRaid4 - ok
20:48:57.0753 6124 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:48:57.0769 6124 SkypeUpdate - ok
20:48:57.0816 6124 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:48:57.0878 6124 Smb - ok
20:48:57.0972 6124 [ 2B7FED21A224687AFC10C593F01769D6 ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\Smc.exe
20:48:58.0065 6124 SmcService - ok
20:48:58.0112 6124 [ 61FF4FD8E9792F6FE9DC46B2A18F98CD ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\snac.exe
20:48:58.0143 6124 SNAC - ok
20:48:58.0190 6124 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:48:58.0237 6124 SNMPTRAP - ok
20:48:58.0299 6124 [ 4D8A49526AA035B1A8FF3FE6807783F5 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
20:48:58.0393 6124 SNP2UVC - ok
20:48:58.0409 6124 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:48:58.0440 6124 spldr - ok
20:48:58.0487 6124 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
20:48:58.0549 6124 Spooler - ok
20:48:58.0643 6124 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:48:58.0799 6124 sppsvc - ok
20:48:58.0814 6124 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:48:58.0877 6124 sppuinotify - ok
20:48:58.0955 6124 [ D2738300D59E316931F823A2A6016114 ] SRTSP C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\x86\SRTSP.SYS
20:48:59.0001 6124 SRTSP - ok
20:48:59.0048 6124 [ FBD0DAE54B782F8A9E8B6EEAB732249A ] SRTSPX C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\x86\SRTSPX.SYS
20:48:59.0064 6124 SRTSPX - ok
20:48:59.0111 6124 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:48:59.0142 6124 srv - ok
20:48:59.0157 6124 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:48:59.0189 6124 srv2 - ok
20:48:59.0204 6124 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:48:59.0235 6124 srvnet - ok
20:48:59.0267 6124 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:48:59.0345 6124 SSDPSRV - ok
20:48:59.0360 6124 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:48:59.0423 6124 SstpSvc - ok
20:48:59.0547 6124 [ 43DC7ADA838F6A24B93B7C7FF2FCD08D ] STacSV C:\Windows\System32\DriverStore\FileRepository\stw rt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
20:48:59.0579 6124 STacSV - ok
20:48:59.0610 6124 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:48:59.0625 6124 stexstor - ok
20:48:59.0703 6124 [ 356CC453B79C35B8CE1A14873DD6322D ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
20:48:59.0750 6124 STHDA - ok
20:48:59.0797 6124 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:48:59.0844 6124 StiSvc - ok
20:48:59.0891 6124 [ AD989072596AB313D7FA13BCF69573F7 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:48:59.0922 6124 stllssvr - ok
20:48:59.0953 6124 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:48:59.0984 6124 storflt - ok
20:48:59.0984 6124 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:49:00.0015 6124 storvsc - ok
20:49:00.0047 6124 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:49:00.0078 6124 swenum - ok
20:49:00.0125 6124 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:49:00.0187 6124 swprv - ok
20:49:00.0249 6124 [ 843F3603C32667D1C25B2D97D24343A5 ] SyDvCtrl C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\SyDvCtrl32.sys
20:49:00.0265 6124 SyDvCtrl - ok
20:49:00.0296 6124 [ 4F52D56310FEF75249914F352DDE7D13 ] SymDS C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\SYMDS.SYS
20:49:00.0327 6124 SymDS - ok
20:49:00.0374 6124 [ 04F7A78ACE126C46CACA0573668BF08D ] SymEFA C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\SYMEFA.SYS
20:49:00.0421 6124 SymEFA - ok
20:49:00.0483 6124 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
20:49:00.0499 6124 SymEvent - ok
20:49:00.0561 6124 [ 7450A24AFBC9B0804D0A987204FFC0F8 ] SymIRON C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\Ironx86.SYS
20:49:00.0577 6124 SymIRON - ok
20:49:00.0624 6124 [ 5A757DBA1515F270E8659225A8C8E224 ] SYMNETS C:\Windows\system32\Drivers\SEP\0C01044D\0191.105\ x86\SYMNETS.SYS
20:49:00.0655 6124 SYMNETS - ok
20:49:00.0686 6124 Synth3dVsc - ok
20:49:00.0749 6124 [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:49:00.0827 6124 SynTP - ok
20:49:00.0889 6124 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:49:00.0951 6124 SysMain - ok
20:49:01.0029 6124 [ C04B0B5D53F8BEF89406E9C0F97FCFB7 ] SysPlant C:\Windows\system32\Drivers\SysPlant.sys
20:49:01.0045 6124 SysPlant - ok
20:49:01.0092 6124 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:49:01.0139 6124 TabletInputService - ok
20:49:01.0185 6124 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:49:01.0248 6124 TapiSrv - ok
20:49:01.0295 6124 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:49:01.0357 6124 TBS - ok
20:49:01.0404 6124 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:49:01.0482 6124 Tcpip - ok
20:49:01.0544 6124 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:49:01.0622 6124 TCPIP6 - ok
20:49:01.0653 6124 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:49:01.0700 6124 tcpipreg - ok
20:49:01.0731 6124 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:49:01.0763 6124 TDPIPE - ok
20:49:01.0794 6124 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:49:01.0825 6124 TDTCP - ok
20:49:01.0856 6124 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:49:01.0919 6124 tdx - ok
20:49:01.0981 6124 [ 438A8CA953BDC64AF68AA9C5E9624ED6 ] Teefer2 C:\Windows\system32\DRIVERS\Teefer.sys
20:49:01.0997 6124 Teefer2 - ok
20:49:02.0043 6124 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:49:02.0075 6124 TermDD - ok
20:49:02.0090 6124 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:49:02.0168 6124 TermService - ok
20:49:02.0199 6124 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:49:02.0246 6124 Themes - ok
20:49:02.0277 6124 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:49:02.0340 6124 THREADORDER - ok
20:49:02.0387 6124 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
20:49:02.0402 6124 TPM - ok
20:49:02.0433 6124 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:49:02.0496 6124 TrkWks - ok
20:49:02.0558 6124 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:49:02.0621 6124 TrustedInstaller - ok
20:49:02.0667 6124 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:49:02.0730 6124 tssecsrv - ok
20:49:02.0761 6124 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:49:02.0792 6124 TsUsbFlt - ok
20:49:02.0792 6124 tsusbhub - ok
20:49:02.0855 6124 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:49:02.0917 6124 tunnel - ok
20:49:02.0933 6124 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:49:02.0964 6124 uagp35 - ok
20:49:02.0995 6124 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:49:03.0057 6124 udfs - ok
20:49:03.0089 6124 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:49:03.0120 6124 UI0Detect - ok
20:49:03.0151 6124 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:49:03.0182 6124 uliagpkx - ok
20:49:03.0213 6124 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
20:49:03.0245 6124 umbus - ok
20:49:03.0291 6124 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:49:03.0323 6124 UmPass - ok
20:49:03.0369 6124 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:49:03.0401 6124 UmRdpService - ok
20:49:03.0713 6124 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:49:03.0822 6124 UNS - ok
20:49:03.0837 6124 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:49:03.0915 6124 upnphost - ok
20:49:03.0931 6124 [ 7E72E7D7E0757D59481D530FD2B0BFAE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:49:03.0962 6124 usbccgp - ok
20:49:03.0978 6124 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:49:04.0009 6124 usbcir - ok
20:49:04.0040 6124 [ CFBCE999C057D78979A181C9C60F208E ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:49:04.0071 6124 usbehci - ok
20:49:04.0087 6124 [ 9D22AAD9AC6A07C691A1113E5F860868 ] usbhub C:\Windows\system32\drivers\usbhub.sys
20:49:04.0134 6124 usbhub - ok
20:49:04.0149 6124 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:49:04.0181 6124 usbohci - ok
20:49:04.0212 6124 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:49:04.0243 6124 usbprint - ok
20:49:04.0290 6124 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:49:04.0321 6124 usbscan - ok
20:49:04.0337 6124 [ BF63EBFC6979FEFB2BC03DF7989A0C1A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:49:04.0368 6124 USBSTOR - ok
20:49:04.0399 6124 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:49:04.0415 6124 usbuhci - ok
20:49:04.0446 6124 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:49:04.0477 6124 usbvideo - ok
20:49:04.0508 6124 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:49:04.0571 6124 UxSms - ok
20:49:04.0602 6124 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:49:04.0633 6124 VaultSvc - ok
20:49:04.0649 6124 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:49:04.0680 6124 vdrvroot - ok
20:49:04.0727 6124 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:49:04.0789 6124 vds - ok
20:49:04.0836 6124 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:49:04.0867 6124 vga - ok
20:49:04.0883 6124 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:49:04.0945 6124 VgaSave - ok
20:49:04.0961 6124 VGPU - ok
20:49:04.0976 6124 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:49:05.0008 6124 vhdmp - ok
20:49:05.0039 6124 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:49:05.0070 6124 viaagp - ok
20:49:05.0086 6124 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
20:49:05.0117 6124 ViaC7 - ok
20:49:05.0132 6124 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:49:05.0164 6124 viaide - ok
20:49:05.0195 6124 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:49:05.0226 6124 vmbus - ok
20:49:05.0242 6124 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:49:05.0273 6124 VMBusHID - ok
20:49:05.0288 6124 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:49:05.0320 6124 volmgr - ok
20:49:05.0335 6124 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:49:05.0366 6124 volmgrx - ok
20:49:05.0398 6124 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:49:05.0429 6124 volsnap - ok
20:49:05.0460 6124 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:49:05.0491 6124 vsmraid - ok
20:49:05.0538 6124 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:49:05.0632 6124 VSS - ok
20:49:05.0663 6124 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:49:05.0694 6124 vwifibus - ok
20:49:05.0741 6124 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:49:05.0772 6124 vwififlt - ok
20:49:05.0803 6124 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:49:05.0834 6124 vwifimp - ok
20:49:05.0881 6124 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:49:05.0944 6124 W32Time - ok
20:49:05.0975 6124 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:49:05.0990 6124 WacomPen - ok
20:49:06.0037 6124 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:49:06.0100 6124 WANARP - ok
20:49:06.0115 6124 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:49:06.0178 6124 Wanarpv6 - ok
20:49:06.0240 6124 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:49:06.0318 6124 WatAdminSvc - ok
20:49:06.0380 6124 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:49:06.0443 6124 wbengine - ok
20:49:06.0458 6124 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:49:06.0505 6124 WbioSrvc - ok
20:49:06.0536 6124 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:49:06.0583 6124 wcncsvc - ok
20:49:06.0599 6124 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:49:06.0630 6124 WcsPlugInService - ok
20:49:06.0646 6124 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:49:06.0677 6124 Wd - ok
20:49:06.0692 6124 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:49:06.0739 6124 Wdf01000 - ok
20:49:06.0755 6124 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:49:06.0786 6124 WdiServiceHost - ok
20:49:06.0802 6124 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:49:06.0848 6124 WdiSystemHost - ok
20:49:06.0895 6124 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:49:06.0926 6124 WebClient - ok
20:49:06.0958 6124 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:49:07.0020 6124 Wecsvc - ok
20:49:07.0036 6124 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:49:07.0114 6124 wercplsupport - ok
20:49:07.0129 6124 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:49:07.0207 6124 WerSvc - ok
20:49:07.0223 6124 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:49:07.0285 6124 WfpLwf - ok
20:49:07.0301 6124 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:49:07.0332 6124 WIMMount - ok
20:49:07.0394 6124 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:49:07.0441 6124 WinDefend - ok
20:49:07.0457 6124 WinHttpAutoProxySvc - ok
20:49:07.0519 6124 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:49:07.0582 6124 Winmgmt - ok
20:49:07.0628 6124 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:49:07.0722 6124 WinRM - ok
20:49:07.0769 6124 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:49:07.0800 6124 WinUsb - ok
20:49:07.0831 6124 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:49:07.0878 6124 Wlansvc - ok
20:49:07.0972 6124 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:49:08.0065 6124 wlidsvc - ok
20:49:08.0096 6124 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:49:08.0128 6124 WmiAcpi - ok
20:49:08.0159 6124 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:49:08.0190 6124 wmiApSrv - ok
20:49:08.0268 6124 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:49:08.0330 6124 WMPNetworkSvc - ok
20:49:08.0362 6124 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:49:08.0393 6124 WPCSvc - ok
20:49:08.0408 6124 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:49:08.0440 6124 WPDBusEnum - ok
20:49:08.0471 6124 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:49:08.0549 6124 ws2ifsl - ok
20:49:08.0611 6124 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
20:49:08.0658 6124 wscsvc - ok
20:49:08.0658 6124 WSearch - ok
20:49:08.0752 6124 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:49:08.0845 6124 wuauserv - ok
20:49:08.0861 6124 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:49:08.0923 6124 WudfPf - ok
20:49:08.0970 6124 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:49:09.0032 6124 WUDFRd - ok
20:49:09.0064 6124 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:49:09.0126 6124 wudfsvc - ok
20:49:09.0157 6124 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:49:09.0204 6124 WwanSvc - ok
20:49:09.0266 6124 [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
20:49:09.0298 6124 yukonw7 - ok
20:49:09.0329 6124 ================ Scan global ===============================
20:49:09.0376 6124 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:49:09.0407 6124 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:49:09.0438 6124 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
20:49:09.0469 6124 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:49:09.0500 6124 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:49:09.0500 6124 [Global] - ok
20:49:09.0500 6124 ================ Scan MBR ==================================
20:49:09.0516 6124 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:49:09.0937 6124 \Device\Harddisk0\DR0 - ok
20:49:09.0937 6124 ================ Scan VBR ==================================
20:49:09.0953 6124 [ C02F5637B64A4BB8DEB93DBF297D3795 ] \Device\Harddisk0\DR0\Partition1
20:49:09.0953 6124 \Device\Harddisk0\DR0\Partition1 - ok
20:49:09.0984 6124 [ 9D2BFF9A78C8DE2D2F8EBD73A4C9F477 ] \Device\Harddisk0\DR0\Partition2
20:49:10.0000 6124 \Device\Harddisk0\DR0\Partition2 - ok
20:49:10.0015 6124 [ B9107A5FA281496C84A2082E410CD94B ] \Device\Harddisk0\DR0\Partition3
20:49:10.0031 6124 \Device\Harddisk0\DR0\Partition3 - ok
20:49:10.0062 6124 [ 3636C47AF21A715C0D1F4C93DB2C6FFE ] \Device\Harddisk0\DR0\Partition4
20:49:10.0062 6124 \Device\Harddisk0\DR0\Partition4 - ok
20:49:10.0062 6124 ============================================================
20:49:10.0062 6124 Scan finished
20:49:10.0062 6124 ============================================================
20:49:10.0078 0492 Detected object count: 2
20:49:10.0078 0492 Actual detected object count: 2
20:51:17.0258 0492 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:17.0258 0492 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:17.0258 0492 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:17.0258 0492 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

EvelineGirl
1 November 2012, 15:21
This does look good.

Download the Emsisoft Emergency Kit (http://download11.emsisoft.com/EmsisoftEmergencyKit.zip) to the desktop and extract the ZIP file.


Open the folder "EmsisoftEmergencyKit" and double-click "Start.exe".
Now click "Emergency Kit Scanner". You will get a message that updating first is recommended; allow this by clicking "Ja" (Yes).
http://www.imgdumper.nl/uploads5/4f8d1a3bd534a/4f8d1a3bd3fbd-EmsisoftEK11.jpg
When the update is done and the message "Update process is succesvol afgerond" (update process completed successfully) appears, click "menu" and then "Scan PC".
Select the option "Diep" (Deep) if it is not already set by default.
Now click the "Scan" button and do nothing else on the computer while it scans. This scan can take quite a while, so wait patiently.
You can close the window with the warning about an increased risk once the scan is done.
Make sure all items found are ticked and then press the "verwijder geselecteerde" (remove selected) button. You will now get the following message; click "Ja" (Yes) here.
http://www.imgdumper.nl/uploads5/4f8d1a4d63784/4f8d1a4d61ffa-EmsisoftEK2.jpg
When the removal is done, click the "View report" button and select the text file for this scan, with a name like: a2scan_110730-111615.txt
Paste the contents of this log file into your next post.
Now restart the computer.

RobinS
3 November 2012, 15:06
2 things removed, but I can't find the log file anywhere ..?

EvelineGirl
5 November 2012, 14:10
Hi. Type this into the search box under Start: a2scan. See whether a .txt file shows up.

RobinS
5 November 2012, 14:38
Unfortunately I can't find it this way..

EvelineGirl
5 November 2012, 16:14
Well, the most important thing is that something has been removed again. How is the slowness now?

RobinS
5 November 2012, 18:41
It runs better than before! :)

Only when I sometimes put it in standby and start it up again a while later, it sometimes runs very slowly.. When I want to scroll in Word or something, it moves down in jerks.
When I'm on Facebook chat, for example, the typed letters appear one by one..

EvelineGirl
5 November 2012, 19:45
That scrolling problem... Are your video card drivers up to date?

RobinS
5 November 2012, 20:35
I actually have no idea :(

EvelineGirl
5 November 2012, 21:14
Ask about this in the Windows section; they may be able to help you further there. In any case, the laptop is now malware-free again. You may remove the tools you used. Rename combofix.exe to uninstall and run it. If all went well, you got the message that combofix was removed.

RobinS
5 November 2012, 21:52
OK, will do!!! Many thanks for all the effort you have put in!!!

EvelineGirl
6 November 2012, 13:53
You're welcome. :)