Isass.exe? and ports closed?

15 answers
  • 1) I have Comodo as my firewall, and it indicates that there is an active process:
    (using Windows 7)

    c:\windows\system32\Isass.exe [956]
    tcp luisteren op 49168
    tcp luisteren op 49168

    bytes in: 0
    bytes out: 0

    What kind of process is this? A virus or something?

    The odd thing is that on this computer Isass.exe is listed as active and on another computer of mine it is not. That one also runs Windows 7. Is that usual?

    2) When I scan ports via PC Flank, PC Flank says that ports 135, 137, 138, 139 are closed. When I test these ports via GRC/ShieldsUP, all my ports are stealth. Strange. How can this be? Could this have to do with the fact that I use a wireless printer: Canon MP640? If I switch off the wireless on my router, these ports are stealth!

    By the way, I have the feeling that my computer is simply working fine! But I wanted to ask these questions anyway.
  • It may be that the file has been modified by malware!
    Because in my OnlineArmor the file does not show up as listening.

    I would like you to stick to the following rules during the fix:
    - Always read each instruction through carefully first.
    - The instructions given apply only to your Windows.
    - If you make mistakes when running tools during the fix, this may cause serious problems in Windows.
    - Do not install any new programs, updates or new hardware while we are working on the fix.
    - Also do not use any programs or tools other than those I instruct you to use.
    - Please turn off emoticons (smileys) when you post a log.
    - Always use one scanner at a time, never several simultaneously.
    - Keep me informed of how your computer responds to the fix, good or bad.
    - Also, if there is something you do not understand, say so.
    - The fix, once started, must be completed. Even if you think everything is in order, there may still be infections.

    Step •1•
    Which program: sUBs dds
    What for/why: DDS is a diagnostic tool and makes use of scripts.
    Difficulty: Read carefully what to do first.
    Download location: This program must be downloaded to the desktop, or otherwise moved there first!
    Download DDS by sUBs from one of these locations and place it on your desktop:
    - DDS - Bleeping Computer download.
    - DDS - Bleeping Computer download.
    - DDS - Infospyware.

    Using sUBs dds.scr:
    - Important: first deactivate the antivirus software and the active spyware scanners!
    - Then first close all program windows that are still open!
      - Windows 2000 and Windows XP: start sUBs dds.scr by double-clicking the shortcut.
      - Windows Vista and Windows 7: start sUBs dds.scr by right-clicking the shortcut and then choosing Run as administrator.
    - After the scan, two text documents are opened: DDS.txt and Attach.txt
    - Copy and paste the entire contents of the DDS log file into your next message.
    - Only post Attach.txt when I ask for it.

    Step •2•
    Which program: Malwarebytes MBAM
    What for/why: specialist scanner to quickly examine Windows for spyware and malware and rid it of them.
    Difficulty: none.

    Download Malwarebytes MBAM via one of these locations:
    - Softpedia.com
    - Majorgeeks.com

    First of all:
    - Right after installation 'MBAM' will want to update its database, so allow this.
    - Also on repeated use: first update 'MBAM' via the 'Update' tab!

    Starting Malwarebytes MBAM:
    - Now first close all program windows that are still open!
      - Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
      - Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
    - Note:
      - Malwarebytes now supplies the full version of MBAM.
      - At the first start you get the option of using the full version or the free version.
      - Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
      - That way MBAM will remain usable as the free version.
    - Also do the following:
      - Once the program has started, go to the "Settings" tab.
      - Tick here: "Close Internet Explorer during malware removal".

    Scanning:
    - When 'MBAM' starts, choose 'Quick Scan'.
    - Scanning may take a while, so be patient. When the scan is complete, click the 'OK' button.
    - Then click the 'Show Results' button to see the results.

    Infections found:
    - Now first click OK to dismiss the message.
    - Then click the Show Results button at the bottom right.
    - Now make sure all infections found are ticked, and click Remove Selected at the bottom left.
    - After removal a log will open and you will be asked to restart the computer.
    - If 'MBAM' has difficulty removing certain files it will give some messages; click 'OK' each time!
    - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.

    MBAM log:
    - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in the MBAM main menu.

    Post the contents of the MBAM log in your next message afterwards.
  • .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
    Run by Desktop1 at 16:28:06 on 2012-04-03
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.12031.10375 [GMT 2:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
    FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Macrium\Reflect\ReflectService.exe
    C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\Sandboxie\SbieCtrl.exe
    C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
    C:\Program Files\Spamihilator\spamihilator.exe
    C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
    uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    uRun: [<NO NAME>]
    uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ"&"prod=90"&"ver=2012.0.1809"&"mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586
    StartupFolder: C:\Users\Desktop1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SPAMIH~1.LNK - C:\Program Files (x86)\Spamihilator\spamihilator.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{9459511D-A535-4795-A9E8-4BAB8490A8F6} : DhcpNameServer = 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
    {3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
    {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    {DBC80044-A445-435b-BC74-9C25C1C588A9}
    {759D9886-0C6F-4498-BAB6-4A5F47C6C72F}
    EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun-x64: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ"&"prod=90"&"ver=2012.0.1809"&"mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586
    AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
    SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: C:\Users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys –> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys –> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys –> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys –> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys –> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys –> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys –> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys –> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
    R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe –> C:\Windows\system32\atiesrxx.exe [?]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
    R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-3-29 301720]
    R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-10-9 386344]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys –> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys –> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys –> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys –> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys –> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
    R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys –> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys –> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-8-27 156288]
    S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys –> C:\Windows\system32\drivers\nmwcdnsucx64.sys [?]
    S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys –> C:\Windows\system32\drivers\nmwcdnsux64.sys [?]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys –> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys –> C:\Windows\system32\drivers\tsusbflt.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-03-31 15:58:43 ——– d—–w- C:\Users\Desktop1\AppData\Roaming\Malwarebytes
    2012-03-31 15:58:37 23152 —-a-w- C:\Windows\System32\drivers\mbam.sys
    2012-03-31 15:58:37 ——– d—–w- C:\ProgramData\Malwarebytes
    2012-03-31 15:58:37 ——– d—–w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-03-31 13:28:53 ——– d–h–w- C:\ProgramData\CanonIJEGV
    2012-03-29 14:48:54 43672 —-a-w- C:\Windows\System32\drivers\psmounter.sys
    2012-03-29 14:48:54 13464 —-a-w- C:\Windows\System32\drivers\PSVolAcc.sys
    2012-03-26 17:12:48 ——– d—–w- C:\Users\Desktop1\AppData\Roaming\QuickScan
    2012-03-18 18:56:05 592824 —-a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
    2012-03-18 18:56:05 44472 —-a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
    2012-03-16 20:06:12 9216 —-a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-03-16 20:06:12 77312 —-a-w- C:\Windows\System32\rdpwsx.dll
    2012-03-16 20:06:12 3145728 —-a-w- C:\Windows\System32\win32k.sys
    2012-03-16 20:06:12 149504 —-a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-03-16 20:06:09 1544192 —-a-w- C:\Windows\System32\DWrite.dll
    2012-03-16 20:06:09 1077248 —-a-w- C:\Windows\SysWow64\DWrite.dll
    2012-03-16 20:06:08 826880 —-a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-03-16 20:06:08 23552 —-a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-03-16 20:06:08 210944 —-a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-03-16 20:06:08 1112064 —-a-w- C:\Windows\System32\rdpcorets.dll
    2012-03-16 20:06:08 1031680 —-a-w- C:\Windows\System32\rdpcore.dll
    2012-03-13 18:31:58 ——– d—–w- C:\Users\Desktop1\AppData\Roaming\Belastingdienst
    2012-03-12 18:40:34 ——– d—–w- C:\Users\Desktop1\AppData\Roaming\f-secure
    2012-03-12 18:40:26 ——– d—–w- C:\ProgramData\F-Secure
    .
    ==================== Find3M ====================
    .
    2012-03-11 21:13:41 43248 —-a-w- C:\Windows\System32\drivers\cmdhlp.sys
    2012-03-11 21:13:40 577824 —-a-w- C:\Windows\System32\drivers\cmdGuard.sys
    2012-03-11 21:13:38 22696 —-a-w- C:\Windows\System32\drivers\cmderd.sys
    2012-03-11 21:13:20 41200 —-a-w- C:\Windows\System32\cmdcsr.dll
    2012-03-11 21:13:18 301224 —-a-w- C:\Windows\SysWow64\guard32.dll
    2012-03-11 21:13:17 389840 —-a-w- C:\Windows\System32\guard64.dll
    2012-03-02 08:38:15 472808 —-a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-02-22 14:33:50 414368 —-a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    .
    ============= FINISH: 16:28:28,49 ===============



    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Databaseversie: v2012.04.03.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 8.0.7601.17514
    Desktop1 :: DESKTOP1-PC [administrator]

    3-4-2012 16:31:35
    mbam-log-2012-04-03 (16-31-35).txt

    Scantype: Volledige scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 344588
    Verstreken tijd: 16 minuut/minuten, 49 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
  • You may go ahead and do the following:

    Step •1•
    Which program: TDSSStarter.exe
    What for/why: Rootkit scanner
    Difficulty: none
    Download TDSSStarter to the desktop.

    Using "TDSSStarter.exe":
    - Now first close all program windows that are still open!
      - Windows 2000 and Windows XP: start the tool by double-clicking "TDSSStarter.exe".
      - Windows Vista and Windows 7: start the tool by right-clicking "TDSSStarter.exe" and then choosing Run as administrator.
    - A CMD window will then be started and will close again automatically when the scan is finished.
    - Now post the contents of the opened Notepad file in your next message.


    Step •2•
    Which program: ComboFix
    What for/why: Highly specialised scanner to examine Windows in depth and clean it up where possible.
    Difficulty: More or less tricky preparation phase, so read everything carefully first.
    Download location: This program must be downloaded to the desktop!
    Download ComboFix via one of these locations:
    - Bleepingcomputer
    - ForoSpyware
    - Geekstogo
    Here you can see how to use ComboFix.

    The antivirus program and active malware scanners must already be deactivated before ComboFix is started!
    Here and here you will find details on how to deactivate antivirus programs and spyware scanners.

    Once more for clarity: ComboFix must be started from the desktop.

    Remarks:
    - When using Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).

    Starting ComboFix:
    - Now first close all program windows that are still open!
      - Windows 2000 and Windows XP: start ComboFix.exe by double-clicking ComboFix.exe.
      - Windows Vista and Windows 7: start ComboFix.exe by right-clicking ComboFix.exe and then choosing Run as administrator.

    ComboFix has started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - It may happen that the computer has to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt

    Important remark:
    - If, after the scan, an error is shown when starting programs with the message:
    - Illegal operation attempted on a registry key that has been marked for deletion.
    - Then restart the computer.

    Step •3•
    In summary: after this, post the contents of the following logs in your next message:
    - TDSSKStarter log
    - ComboFix.txt log
  • Well, here they come: (thanks in advance for your help)

    13:41:01.0981 4708 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
    13:41:01.0982 4708 ============================================================
    13:41:01.0982 4708 Current date / time: 2012/04/06 13:41:01.0982
    13:41:01.0982 4708 SystemInfo:
    13:41:01.0982 4708
    13:41:01.0982 4708 OS Version: 6.1.7601 ServicePack: 1.0
    13:41:01.0982 4708 Product type: Workstation
    13:41:01.0982 4708 ComputerName: DESKTOP1-PC
    13:41:01.0983 4708 UserName: Desktop1
    13:41:01.0983 4708 Windows directory: C:\Windows
    13:41:01.0983 4708 System windows directory: C:\Windows
    13:41:01.0983 4708 Running under WOW64
    13:41:01.0983 4708 Processor architecture: Intel x64
    13:41:01.0983 4708 Number of processors: 4
    13:41:01.0983 4708 Page size: 0x1000
    13:41:01.0983 4708 Boot type: Normal boot
    13:41:01.0983 4708 ============================================================
    13:41:02.0245 4708 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    13:41:02.0246 4708 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    13:41:02.0250 4708 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    13:41:02.0285 4708 \Device\Harddisk0\DR0:
    13:41:02.0285 4708 MBR used
    13:41:02.0285 4708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    13:41:02.0285 4708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
    13:41:02.0285 4708 \Device\Harddisk1\DR1:
    13:41:02.0285 4708 MBR used
    13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31E000
    13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x30D40000
    13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3D091000, BlocksNum 0x37675000
    13:41:02.0285 4708 \Device\Harddisk2\DR2:
    13:41:02.0291 4708 MBR used
    13:41:02.0291 4708 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
    13:41:02.0332 4708 Initialize success
    13:41:02.0332 4708 ============================================================
    13:41:02.0362 3556 ============================================================
    13:41:02.0362 3556 Scan started
    13:41:02.0362 3556 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    13:41:02.0362 3556 ============================================================
    13:41:02.0680 3556 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    13:41:02.0746 3556 1394ohci - ok
    13:41:02.0762 3556 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    13:41:02.0777 3556 ACPI - ok
    13:41:02.0790 3556 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    13:41:02.0813 3556 AcpiPmi - ok
    13:41:02.0820 3556 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    13:41:02.0832 3556 AdobeActiveFileMonitor7.0 - ok
    13:41:02.0838 3556 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    13:41:02.0847 3556 AdobeARMservice - ok
    13:41:02.0860 3556 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    13:41:02.0873 3556 AdobeFlashPlayerUpdateSvc - ok
    13:41:02.0890 3556 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    13:41:02.0908 3556 adp94xx - ok
    13:41:02.0924 3556 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    13:41:02.0939 3556 adpahci - ok
    13:41:02.0954 3556 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    13:41:02.0967 3556 adpu320 - ok
    13:41:02.0978 3556 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
    13:41:03.0027 3556 AeLookupSvc - ok
    13:41:03.0044 3556 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
    13:41:03.0076 3556 AFD - ok
    13:41:03.0090 3556 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    13:41:03.0101 3556 agp440 - ok
    13:41:03.0113 3556 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
    13:41:03.0129 3556 ALG - ok
    13:41:03.0142 3556 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    13:41:03.0153 3556 aliide - ok
    13:41:03.0167 3556 AMD External Events Utility (e0fd88ead5d8b1fae64a500d1d825c6d) C:\Windows\system32\atiesrxx.exe
    13:41:03.0190 3556 AMD External Events Utility - ok
    13:41:03.0203 3556 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    13:41:03.0213 3556 amdide - ok
    13:41:03.0228 3556 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    13:41:03.0241 3556 AmdK8 - ok
    13:41:03.0301 3556 amdkmdag (9337b5fabc03ca44cd355f700da9b25b) C:\Windows\system32\DRIVERS\atipmdag.sys
    13:41:03.0383 3556 amdkmdag - ok
    13:41:03.0399 3556 amdkmdap (560688a447e7a87f43774a2ff23a3e52) C:\Windows\system32\DRIVERS\atikmpag.sys
    13:41:03.0416 3556 amdkmdap - ok
    13:41:03.0430 3556 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    13:41:03.0444 3556 AmdPPM - ok
    13:41:03.0458 3556 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
    13:41:03.0470 3556 amdsata - ok
    13:41:03.0485 3556 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    13:41:03.0498 3556 amdsbs - ok
    13:41:03.0512 3556 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
    13:41:03.0523 3556 amdxata - ok
    13:41:03.0537 3556 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    13:41:03.0593 3556 AppID - ok
    13:41:03.0604 3556 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
    13:41:03.0635 3556 AppIDSvc - ok
    13:41:03.0646 3556 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
    13:41:03.0676 3556 Appinfo - ok
    13:41:03.0689 3556 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
    13:41:03.0705 3556 AppMgmt - ok
    13:41:03.0719 3556 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    13:41:03.0730 3556 arc - ok
    13:41:03.0744 3556 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    13:41:03.0756 3556 arcsas - ok
    13:41:03.0770 3556 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    13:41:03.0801 3556 AsyncMac - ok
    13:41:03.0815 3556 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    13:41:03.0825 3556 atapi - ok
    13:41:03.0841 3556 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
    13:41:03.0854 3556 AtiHdmiService - ok
    13:41:03.0868 3556 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
    13:41:03.0897 3556 AtiPcie - ok
    13:41:03.0913 3556 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    13:41:03.0949 3556 AudioEndpointBuilder - ok
    13:41:03.0956 3556 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    13:41:03.0989 3556 AudioSrv - ok
    13:41:04.0029 3556 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    13:41:04.0101 3556 AVGIDSAgent - ok
    13:41:04.0115 3556 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
    13:41:04.0126 3556 AVGIDSDriver - ok
    13:41:04.0140 3556 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
    13:41:04.0149 3556 AVGIDSEH - ok
    13:41:04.0161 3556 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
    13:41:04.0171 3556 AVGIDSFilter - ok
    13:41:04.0187 3556 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
    13:41:04.0200 3556 Avgldx64 - ok
    13:41:04.0214 3556 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
    13:41:04.0223 3556 Avgmfx64 - ok
    13:41:04.0248 3556 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
    13:41:04.0258 3556 Avgrkx64 - ok
    13:41:04.0274 3556 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
    13:41:04.0288 3556 Avgtdia - ok
    13:41:04.0295 3556 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    13:41:04.0307 3556 avgwd - ok
    13:41:04.0319 3556 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
    13:41:04.0342 3556 AxInstSV - ok
    13:41:04.0359 3556 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    13:41:04.0377 3556 b06bdrv - ok
    13:41:04.0393 3556 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    13:41:04.0409 3556 b57nd60a - ok
    13:41:04.0422 3556 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
    13:41:04.0437 3556 BDESVC - ok
    13:41:04.0451 3556 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    13:41:04.0481 3556 Beep - ok
    13:41:04.0499 3556 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
    13:41:04.0535 3556 BFE - ok
    13:41:04.0553 3556 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
    13:41:04.0592 3556 BITS - ok
    13:41:04.0606 3556 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    13:41:04.0620 3556 blbdrive - ok
    13:41:04.0634 3556 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    13:41:04.0650 3556 bowser - ok
    13:41:04.0663 3556 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    13:41:04.0686 3556 BrFiltLo - ok
    13:41:04.0699 3556 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    13:41:04.0713 3556 BrFiltUp - ok
    13:41:04.0725 3556 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
    13:41:04.0756 3556 Browser - ok
    13:41:04.0772 3556 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    13:41:04.0789 3556 Brserid - ok
    13:41:04.0803 3556 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    13:41:04.0818 3556 BrSerWdm - ok
    13:41:04.0831 3556 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    13:41:04.0846 3556 BrUsbMdm - ok
    13:41:04.0859 3556 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    13:41:04.0872 3556 BrUsbSer - ok
    13:41:04.0887 3556 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    13:41:04.0903 3556 BTHMODEM - ok
    13:41:04.0914 3556 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
    13:41:04.0946 3556 bthserv - ok
    13:41:04.0960 3556 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    13:41:04.0991 3556 cdfs - ok
    13:41:05.0006 3556 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    13:41:05.0020 3556 cdrom - ok
    13:41:05.0033 3556 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    13:41:05.0063 3556 CertPropSvc - ok
    13:41:05.0077 3556 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    13:41:05.0092 3556 circlass - ok
    13:41:05.0106 3556 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    13:41:05.0122 3556 CLFS - ok
    13:41:05.0129 3556 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    13:41:05.0139 3556 clr_optimization_v2.0.50727_32 - ok
    13:41:05.0147 3556 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    13:41:05.0157 3556 clr_optimization_v2.0.50727_64 - ok
    13:41:05.0171 3556 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    13:41:05.0184 3556 CmBatt - ok
    13:41:05.0208 3556 cmdAgent (cee48ccc4d561ddb19c72f9fb55d28d5) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    13:41:05.0254 3556 cmdAgent - ok
    13:41:05.0273 3556 cmdGuard (0599d5a458d4e0e37ab84e9d1c5c73e5) C:\Windows\system32\DRIVERS\cmdguard.sys
    13:41:05.0290 3556 cmdGuard - ok
    13:41:05.0304 3556 cmdHlp (2d3e08c7106f748f9eff3dec14142d3e) C:\Windows\system32\DRIVERS\cmdhlp.sys
    13:41:05.0313 3556 cmdHlp - ok
    13:41:05.0327 3556 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    13:41:05.0338 3556 cmdide - ok
    13:41:05.0354 3556 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    13:41:05.0377 3556 CNG - ok
    13:41:05.0391 3556 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    13:41:05.0402 3556 Compbatt - ok
    13:41:05.0416 3556 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    13:41:05.0431 3556 CompositeBus - ok
    13:41:05.0441 3556 COMSysApp - ok
    13:41:05.0451 3556 cpuz134 - ok
    13:41:05.0464 3556 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    13:41:05.0475 3556 crcdisk - ok
    13:41:05.0488 3556 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
    13:41:05.0519 3556 CryptSvc - ok
    13:41:05.0536 3556 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
    13:41:05.0555 3556 CSC - ok
    13:41:05.0570 3556 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
    13:41:05.0590 3556 CscService - ok
    13:41:05.0605 3556 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    13:41:05.0640 3556 DcomLaunch - ok
    13:41:05.0654 3556 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
    13:41:05.0688 3556 defragsvc - ok
    13:41:05.0705 3556 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    13:41:05.0736 3556 DfsC - ok
    13:41:05.0749 3556 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
    13:41:05.0782 3556 Dhcp - ok
    13:41:05.0797 3556 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    13:41:05.0828 3556 discache - ok
    13:41:05.0842 3556 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    13:41:05.0854 3556 Disk - ok
    13:41:05.0866 3556 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
    13:41:05.0881 3556 Dnscache - ok
    13:41:05.0895 3556 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
    13:41:05.0927 3556 dot3svc - ok
    13:41:05.0939 3556 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
    13:41:05.0970 3556 DPS - ok
    13:41:05.0984 3556 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    13:41:05.0998 3556 drmkaud - ok
    13:41:06.0019 3556 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    13:41:06.0043 3556 DXGKrnl - ok
    13:41:06.0055 3556 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
    13:41:06.0087 3556 EapHost - ok
    13:41:06.0127 3556 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    13:41:06.0175 3556 ebdrv - ok
    13:41:06.0187 3556 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
    13:41:06.0201 3556 EFS - ok
    13:41:06.0211 3556 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
    13:41:06.0234 3556 ehRecvr - ok
    13:41:06.0240 3556 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
    13:41:06.0255 3556 ehSched - ok
    13:41:06.0273 3556 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    13:41:06.0291 3556 elxstor - ok
    13:41:06.0305 3556 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    13:41:06.0318 3556 ErrDev - ok
    13:41:06.0333 3556 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
    13:41:06.0368 3556 EventSystem - ok
    13:41:06.0383 3556 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    13:41:06.0415 3556 exfat - ok
    13:41:06.0430 3556 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    13:41:06.0463 3556 fastfat - ok
    13:41:06.0480 3556 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
    13:41:06.0500 3556 Fax - ok
    13:41:06.0514 3556 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    13:41:06.0527 3556 fdc - ok
    13:41:06.0538 3556 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
    13:41:06.0569 3556 fdPHost - ok
    13:41:06.0580 3556 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
    13:41:06.0611 3556 FDResPub - ok
    13:41:06.0625 3556 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    13:41:06.0637 3556 FileInfo - ok
    13:41:06.0650 3556 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    13:41:06.0681 3556 Filetrace - ok
    13:41:06.0690 3556 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    13:41:06.0732 3556 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    13:41:06.0732 3556 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
    13:41:06.0746 3556 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    13:41:06.0759 3556 flpydisk - ok
    13:41:06.0775 3556 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    13:41:06.0790 3556 FltMgr - ok
    13:41:06.0809 3556 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
    13:41:06.0851 3556 FontCache - ok
    13:41:06.0857 3556 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    13:41:06.0867 3556 FontCache3.0.0.0 - ok
    13:41:06.0881 3556 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    13:41:06.0892 3556 FsDepends - ok
    13:41:06.0906 3556 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    13:41:06.0917 3556 Fs_Rec - ok
    13:41:06.0932 3556 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    13:41:06.0948 3556 fvevol - ok
    13:41:06.0962 3556 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    13:41:06.0974 3556 gagp30kx - ok
    13:41:06.0991 3556 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
    13:41:07.0028 3556 gpsvc - ok
    13:41:07.0043 3556 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    13:41:07.0057 3556 hcw85cir - ok
    13:41:07.0074 3556 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    13:41:07.0093 3556 HdAudAddService - ok
    13:41:07.0108 3556 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    13:41:07.0123 3556 HDAudBus - ok
    13:41:07.0137 3556 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    13:41:07.0150 3556 HidBatt - ok
    13:41:07.0164 3556 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    13:41:07.0180 3556 HidBth - ok
    13:41:07.0194 3556 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    13:41:07.0210 3556 HidIr - ok
    13:41:07.0220 3556 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
    13:41:07.0251 3556 hidserv - ok
    13:41:07.0266 3556 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    13:41:07.0279 3556 HidUsb - ok
    13:41:07.0290 3556 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
    13:41:07.0320 3556 hkmsvc - ok
    13:41:07.0333 3556 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
    13:41:07.0349 3556 HomeGroupListener - ok
    13:41:07.0361 3556 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
    13:41:07.0376 3556 HomeGroupProvider - ok
    13:41:07.0391 3556 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    13:41:07.0402 3556 HpSAMD - ok
    13:41:07.0419 3556 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    13:41:07.0457 3556 HTTP - ok
    13:41:07.0471 3556 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    13:41:07.0481 3556 hwpolicy - ok
    13:41:07.0496 3556 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    13:41:07.0510 3556 i8042prt - ok
    13:41:07.0527 3556 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
    13:41:07.0543 3556 iaStorV - ok
    13:41:07.0555 3556 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    13:41:07.0576 3556 idsvc - ok
    13:41:07.0591 3556 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    13:41:07.0602 3556 iirsp - ok
    13:41:07.0619 3556 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
    13:41:07.0658 3556 IKEEXT - ok
    13:41:07.0673 3556 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys
    13:41:07.0684 3556 inspect - ok
    13:41:07.0717 3556 IntcAzAudAddService (f5872a11eb4f6db170d636cd4e53ca9f) C:\Windows\system32\drivers\RTKVHD64.sys
    13:41:07.0772 3556 IntcAzAudAddService - ok
    13:41:07.0786 3556 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    13:41:07.0796 3556 intelide - ok
    13:41:07.0810 3556 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    13:41:07.0824 3556 intelppm - ok
    13:41:07.0836 3556 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
    13:41:07.0867 3556 IPBusEnum - ok
    13:41:07.0881 3556 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    13:41:07.0912 3556 IpFilterDriver - ok
    13:41:07.0927 3556 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
    13:41:07.0962 3556 iphlpsvc - ok
    13:41:07.0976 3556 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    13:41:07.0990 3556 IPMIDRV - ok
    13:41:08.0004 3556 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    13:41:08.0036 3556 IPNAT - ok
    13:41:08.0050 3556 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    13:41:08.0072 3556 IRENUM - ok
    13:41:08.0085 3556 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    13:41:08.0096 3556 isapnp - ok
    13:41:08.0111 3556 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    13:41:08.0125 3556 iScsiPrt - ok
    13:41:08.0140 3556 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    13:41:08.0151 3556 kbdclass - ok
    13:41:08.0165 3556 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    13:41:08.0178 3556 kbdhid - ok
    13:41:08.0189 3556 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    13:41:08.0201 3556 KeyIso - ok
    13:41:08.0215 3556 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    13:41:08.0227 3556 KSecDD - ok
    13:41:08.0242 3556 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    13:41:08.0254 3556 KSecPkg - ok
    13:41:08.0268 3556 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    13:41:08.0299 3556 ksthunk - ok
    13:41:08.0312 3556 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
    13:41:08.0348 3556 KtmRm - ok
    13:41:08.0361 3556 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
    13:41:08.0393 3556 LanmanServer - ok
    13:41:08.0405 3556 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
    13:41:08.0436 3556 LanmanWorkstation - ok
    13:41:08.0451 3556 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    13:41:08.0483 3556 lltdio - ok
    13:41:08.0496 3556 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
    13:41:08.0531 3556 lltdsvc - ok
    13:41:08.0543 3556 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
    13:41:08.0573 3556 lmhosts - ok
    13:41:08.0588 3556 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    13:41:08.0600 3556 LSI_FC - ok
    13:41:08.0614 3556 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    13:41:08.0626 3556 LSI_SAS - ok
    13:41:08.0641 3556 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    13:41:08.0652 3556 LSI_SAS2 - ok
    13:41:08.0667 3556 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    13:41:08.0679 3556 LSI_SCSI - ok
    13:41:08.0694 3556 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    13:41:08.0726 3556 luafv - ok
    13:41:08.0738 3556 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
    13:41:08.0752 3556 Mcx2Svc - ok
    13:41:08.0766 3556 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    13:41:08.0777 3556 megasas - ok
    13:41:08.0792 3556 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    13:41:08.0807 3556 MegaSR - ok
    13:41:08.0814 3556 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
    13:41:08.0825 3556 Microsoft Office Groove Audit Service - ok
    13:41:08.0836 3556 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    13:41:08.0867 3556 MMCSS - ok
    13:41:08.0881 3556 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    13:41:08.0912 3556 Modem - ok
    13:41:08.0926 3556 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    13:41:08.0940 3556 monitor - ok
    13:41:08.0954 3556 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    13:41:08.0966 3556 mouclass - ok
    13:41:08.0980 3556 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    13:41:08.0993 3556 mouhid - ok
    13:41:09.0007 3556 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    13:41:09.0020 3556 mountmgr - ok
    13:41:09.0033 3556 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    13:41:09.0046 3556 mpio - ok
    13:41:09.0060 3556 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    13:41:09.0091 3556 mpsdrv - ok
    13:41:09.0109 3556 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
    13:41:09.0147 3556 MpsSvc - ok
    13:41:09.0162 3556 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    13:41:09.0180 3556 MRxDAV - ok
    13:41:09.0195 3556 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    13:41:09.0210 3556 mrxsmb - ok
    13:41:09.0226 3556 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    13:41:09.0242 3556 mrxsmb10 - ok
    13:41:09.0308 3556 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    13:41:09.0328 3556 mrxsmb20 - ok
    13:41:09.0341 3556 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    13:41:09.0352 3556 msahci - ok
    13:41:09.0367 3556 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    13:41:09.0379 3556 msdsm - ok
    13:41:09.0391 3556 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
    13:41:09.0406 3556 MSDTC - ok
    13:41:09.0420 3556 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    13:41:09.0451 3556 Msfs - ok
    13:41:09.0464 3556 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    13:41:09.0495 3556 mshidkmdf - ok
    13:41:09.0508 3556 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    13:41:09.0519 3556 msisadrv - ok
    13:41:09.0531 3556 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
    13:41:09.0564 3556 MSiSCSI - ok
    13:41:09.0574 3556 msiserver - ok
    13:41:09.0588 3556 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    13:41:09.0619 3556 MSKSSRV - ok
    13:41:09.0632 3556 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    13:41:09.0663 3556 MSPCLOCK - ok
    13:41:09.0676 3556 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    13:41:09.0707 3556 MSPQM - ok
    13:41:09.0724 3556 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    13:41:09.0740 3556 MsRPC - ok
    13:41:09.0754 3556 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    13:41:09.0764 3556 mssmbios - ok
    13:41:09.0778 3556 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    13:41:09.0809 3556 MSTEE - ok
    13:41:09.0822 3556 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    13:41:09.0835 3556 MTConfig - ok
    13:41:09.0849 3556 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    13:41:09.0860 3556 Mup - ok
    13:41:09.0875 3556 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
    13:41:09.0910 3556 napagent - ok
    13:41:09.0927 3556 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    13:41:09.0946 3556 NativeWifiP - ok
    13:41:09.0968 3556 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    13:41:09.0991 3556 NDIS - ok
    13:41:10.0005 3556 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    13:41:10.0037 3556 NdisCap - ok
    13:41:10.0051 3556 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    13:41:10.0081 3556 NdisTapi - ok
    13:41:10.0095 3556 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    13:41:10.0125 3556 Ndisuio - ok
    13:41:10.0140 3556 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    13:41:10.0171 3556 NdisWan - ok
    13:41:10.0185 3556 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    13:41:10.0215 3556 NDProxy - ok
    13:41:10.0229 3556 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS
    etbios.sys
    13:41:10.0260 3556 NetBIOS - ok
    13:41:10.0275 3556 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS
    etbt.sys
    13:41:10.0307 3556 NetBT - ok
    13:41:10.0318 3556 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    13:41:10.0331 3556 Netlogon - ok
    13:41:10.0345 3556 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32
    etman.dll
    13:41:10.0379 3556 Netman - ok
    13:41:10.0395 3556 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32
    etprofm.dll
    13:41:10.0430 3556 netprofm - ok
    13:41:10.0437 3556 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    13:41:10.0463 3556 NetTcpPortSharing - ok
    13:41:10.0477 3556 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS
    frd960.sys
    13:41:10.0488 3556 nfrd960 - ok
    13:41:10.0502 3556 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32
    lasvc.dll
    13:41:10.0534 3556 NlaSvc - ok
    13:41:10.0549 3556 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
    13:41:10.0574 3556 nmwcd - ok
    13:41:10.0588 3556 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys
    13:41:10.0610 3556 nmwcdc - ok
    13:41:10.0624 3556 nmwcdnsucx64 (a962be6433ef016e0dfb52eca15a5378) C:\Windows\system32\drivers
    mwcdnsucx64.sys
    13:41:10.0646 3556 nmwcdnsucx64 - ok
    13:41:10.0662 3556 nmwcdnsux64 (9573223e205907247ae6d948e3453770) C:\Windows\system32\drivers
    mwcdnsux64.sys
    13:41:10.0686 3556 nmwcdnsux64 - ok
    13:41:10.0700 3556 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    13:41:10.0730 3556 Npfs - ok
    13:41:10.0742 3556 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32
    sisvc.dll
    13:41:10.0772 3556 nsi - ok
    13:41:10.0786 3556 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers
    siproxy.sys
    13:41:10.0817 3556 nsiproxy - ok
    13:41:10.0848 3556 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
    13:41:10.0882 3556 Ntfs - ok
    13:41:10.0898 3556 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    13:41:10.0928 3556 Null - ok
    13:41:10.0943 3556 nusb3hub (088cd71003f21f96f01c63955150a1fb) C:\Windows\system32\DRIVERS
    usb3hub.sys
    13:41:10.0955 3556 nusb3hub - ok
    13:41:10.0970 3556 nusb3xhc (d90a2d44e93daea47aea946d9e87000f) C:\Windows\system32\DRIVERS
    usb3xhc.sys
    13:41:10.0983 3556 nusb3xhc - ok
    13:41:10.0999 3556 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers
    vraid.sys
    13:41:11.0011 3556 nvraid - ok
    13:41:11.0026 3556 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers
    vstor.sys
    13:41:11.0039 3556 nvstor - ok
    13:41:11.0054 3556 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers
    v_agp.sys
    13:41:11.0066 3556 nv_agp - ok
    13:41:11.0074 3556 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    13:41:11.0090 3556 odserv - ok
    13:41:11.0105 3556 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    13:41:11.0118 3556 ohci1394 - ok
    13:41:11.0125 3556 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    13:41:11.0136 3556 ose - ok
    13:41:11.0151 3556 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    13:41:11.0169 3556 p2pimsvc - ok
    13:41:11.0184 3556 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    13:41:11.0201 3556 p2psvc - ok
    13:41:11.0216 3556 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    13:41:11.0229 3556 Parport - ok
    13:41:11.0244 3556 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    13:41:11.0255 3556 partmgr - ok
    13:41:11.0268 3556 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    13:41:11.0286 3556 PcaSvc - ok
    13:41:11.0299 3556 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
    13:41:11.0320 3556 pccsmcfd - ok
    13:41:11.0335 3556 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    13:41:11.0348 3556 pci - ok
    13:41:11.0362 3556 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    13:41:11.0372 3556 pciide - ok
    13:41:11.0387 3556 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    13:41:11.0401 3556 pcmcia - ok
    13:41:11.0415 3556 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    13:41:11.0426 3556 pcw - ok
    13:41:11.0444 3556 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    13:41:11.0482 3556 PEAUTH - ok
    13:41:11.0506 3556 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
    13:41:11.0534 3556 PeerDistSvc - ok
    13:41:11.0546 3556 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    13:41:11.0560 3556 PerfHost - ok
    13:41:11.0584 3556 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
    13:41:11.0629 3556 pla - ok
    13:41:11.0644 3556 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
    13:41:11.0662 3556 PlugPlay - ok
    13:41:11.0673 3556 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    13:41:11.0687 3556 PNRPAutoReg - ok
    13:41:11.0700 3556 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    13:41:11.0715 3556 PNRPsvc - ok
    13:41:11.0730 3556 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
    13:41:11.0764 3556 PolicyAgent - ok
    13:41:11.0777 3556 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    13:41:11.0810 3556 Power - ok
    13:41:11.0825 3556 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    13:41:11.0855 3556 PptpMiniport - ok
    13:41:11.0869 3556 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    13:41:11.0883 3556 Processor - ok
    13:41:11.0896 3556 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
    13:41:11.0928 3556 ProfSvc - ok
    13:41:11.0940 3556 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    13:41:11.0952 3556 ProtectedStorage - ok
    13:41:11.0967 3556 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    13:41:11.0998 3556 Psched - ok
    13:41:12.0012 3556 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys
    13:41:12.0022 3556 PxHlpa64 - ok
    13:41:12.0047 3556 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    13:41:12.0079 3556 ql2300 - ok
    13:41:12.0094 3556 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    13:41:12.0106 3556 ql40xx - ok
    13:41:12.0119 3556 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    13:41:12.0138 3556 QWAVE - ok
    13:41:12.0152 3556 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    13:41:12.0168 3556 QWAVEdrv - ok
    13:41:12.0182 3556 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    13:41:12.0213 3556 RasAcd - ok
    13:41:12.0227 3556 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    13:41:12.0258 3556 RasAgileVpn - ok
    13:41:12.0272 3556 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    13:41:12.0304 3556 RasAuto - ok
    13:41:12.0319 3556 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    13:41:12.0349 3556 Rasl2tp - ok
    13:41:12.0363 3556 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
    13:41:12.0396 3556 RasMan - ok
    13:41:12.0411 3556 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    13:41:12.0444 3556 RasPppoe - ok
    13:41:12.0458 3556 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    13:41:12.0490 3556 RasSstp - ok
    13:41:12.0506 3556 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    13:41:12.0538 3556 rdbss - ok
    13:41:12.0553 3556 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    13:41:12.0568 3556 rdpbus - ok
    13:41:12.0581 3556 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    13:41:12.0612 3556 RDPCDD - ok
    13:41:12.0628 3556 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
    13:41:12.0642 3556 RDPDR - ok
    13:41:12.0657 3556 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    13:41:12.0687 3556 RDPENCDD - ok
    13:41:12.0703 3556 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    13:41:12.0733 3556 RDPREFMP - ok
    13:41:12.0750 3556 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
    13:41:12.0763 3556 RdpVideoMiniport - ok
    13:41:12.0779 3556 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
    13:41:12.0806 3556 RDPWD - ok
    13:41:12.0822 3556 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    13:41:12.0835 3556 rdyboost - ok
    13:41:12.0843 3556 ReflectService.exe (943ade1dd6789432419a87bb85884322) C:\Program Files\Macrium\Reflect\ReflectService.exe
    13:41:12.0857 3556 ReflectService.exe - ok
    13:41:12.0869 3556 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    13:41:12.0901 3556 RemoteAccess - ok
    13:41:12.0914 3556 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    13:41:12.0947 3556 RemoteRegistry - ok
    13:41:12.0956 3556 RichVideo64 (0b169fe016039571ecc6db70073f8979) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    13:41:12.0970 3556 RichVideo64 - ok
    13:41:12.0982 3556 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    13:41:13.0013 3556 RpcEptMapper - ok
    13:41:13.0025 3556 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    13:41:13.0038 3556 RpcLocator - ok
    13:41:13.0053 3556 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    13:41:13.0087 3556 RpcSs - ok
    13:41:13.0101 3556 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    13:41:13.0133 3556 rspndr - ok
    13:41:13.0150 3556 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
    13:41:13.0175 3556 RTL8167 - ok
    13:41:13.0189 3556 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
    13:41:13.0202 3556 s3cap - ok
    13:41:13.0214 3556 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    13:41:13.0226 3556 SamSs - ok
    13:41:13.0232 3556 SbieDrv (742112ce7abb11dc17a561b4291be9c6) C:\Program Files\Sandboxie\SbieDrv.sys
    13:41:13.0256 3556 SbieDrv - ok
    13:41:13.0261 3556 SbieSvc (2419ed7e333b2bc2f81e50a6f5923fc6) C:\Program Files\Sandboxie\SbieSvc.exe
    13:41:13.0271 3556 SbieSvc - ok
    13:41:13.0286 3556 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    13:41:13.0298 3556 sbp2port - ok
    13:41:13.0311 3556 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    13:41:13.0347 3556 SCardSvr - ok
    13:41:13.0361 3556 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    13:41:13.0391 3556 scfilter - ok
    13:41:13.0410 3556 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
    13:41:13.0452 3556 Schedule - ok
    13:41:13.0464 3556 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    13:41:13.0493 3556 SCPolicySvc - ok
    13:41:13.0506 3556 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
    13:41:13.0522 3556 SDRSVC - ok
    13:41:13.0536 3556 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    13:41:13.0566 3556 secdrv - ok
    13:41:13.0578 3556 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
    13:41:13.0608 3556 seclogon - ok
    13:41:13.0620 3556 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
    13:41:13.0652 3556 SENS - ok
    13:41:13.0664 3556 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    13:41:13.0678 3556 SensrSvc - ok
    13:41:13.0693 3556 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    13:41:13.0706 3556 Serenum - ok
    13:41:13.0721 3556 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    13:41:13.0735 3556 Serial - ok
    13:41:13.0750 3556 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    13:41:13.0763 3556 sermouse - ok
    13:41:13.0773 3556 ServiceLayer (668043f192ab9659761a349a4703600d) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    13:41:13.0792 3556 ServiceLayer - ok
    13:41:13.0807 3556 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
    13:41:13.0839 3556 SessionEnv - ok
    13:41:13.0853 3556 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    13:41:13.0869 3556 sffdisk - ok
    13:41:13.0883 3556 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    13:41:13.0898 3556 sffp_mmc - ok
    13:41:13.0912 3556 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    13:41:13.0928 3556 sffp_sd - ok
    13:41:13.0942 3556 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    13:41:13.0956 3556 sfloppy - ok
    13:41:13.0970 3556 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
    13:41:14.0005 3556 SharedAccess - ok
    13:41:14.0020 3556 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
    13:41:14.0054 3556 ShellHWDetection - ok
    13:41:14.0068 3556 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    13:41:14.0079 3556 SiSRaid2 - ok
    13:41:14.0093 3556 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    13:41:14.0105 3556 SiSRaid4 - ok
    13:41:14.0119 3556 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    13:41:14.0151 3556 Smb - ok
    13:41:14.0164 3556 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    13:41:14.0178 3556 SNMPTRAP - ok
    13:41:14.0192 3556 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    13:41:14.0203 3556 spldr - ok
    13:41:14.0218 3556 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
    13:41:14.0254 3556 Spooler - ok
    13:41:14.0293 3556 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
    13:41:14.0361 3556 sppsvc - ok
    13:41:14.0377 3556 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    13:41:14.0409 3556 sppuinotify - ok
    13:41:14.0428 3556 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    13:41:14.0446 3556 srv - ok
    13:41:14.0464 3556 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    13:41:14.0481 3556 srv2 - ok
    13:41:14.0496 3556 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    13:41:14.0510 3556 srvnet - ok
    13:41:14.0523 3556 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    13:41:14.0556 3556 SSDPSRV - ok
    13:41:14.0572 3556 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
    13:41:14.0581 3556 SSPORT - ok
    13:41:14.0593 3556 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    13:41:14.0625 3556 SstpSvc - ok
    13:41:14.0639 3556 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    13:41:14.0649 3556 stexstor - ok
    13:41:14.0665 3556 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
    13:41:14.0689 3556 stisvc - ok
    13:41:14.0703 3556 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
    13:41:14.0714 3556 storflt - ok
    13:41:14.0728 3556 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
    13:41:14.0739 3556 storvsc - ok
    13:41:14.0753 3556 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    13:41:14.0764 3556 swenum - ok
    13:41:14.0779 3556 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    13:41:14.0815 3556 swprv - ok
    13:41:14.0829 3556 Synth3dVsc - ok
    13:41:14.0854 3556 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
    13:41:14.0890 3556 SysMain - ok
    13:41:14.0902 3556 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
    13:41:14.0920 3556 TabletInputService - ok
    13:41:14.0934 3556 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
    13:41:14.0968 3556 TapiSrv - ok
    13:41:14.0978 3556 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
    13:41:15.0010 3556 TBS - ok
    13:41:15.0038 3556 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    13:41:15.0076 3556 Tcpip - ok
    13:41:15.0105 3556 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    13:41:15.0137 3556 TCPIP6 - ok
    13:41:15.0153 3556 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    13:41:15.0183 3556 tcpipreg - ok
    13:41:15.0198 3556 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    13:41:15.0211 3556 TDPIPE - ok
    13:41:15.0225 3556 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    13:41:15.0246 3556 TDTCP - ok
    13:41:15.0261 3556 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    13:41:15.0292 3556 tdx - ok
    13:41:15.0306 3556 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    13:41:15.0318 3556 TermDD - ok
    13:41:15.0334 3556 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
    13:41:15.0371 3556 TermService - ok
    13:41:15.0383 3556 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
    13:41:15.0400 3556 Themes - ok
    13:41:15.0413 3556 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    13:41:15.0443 3556 THREADORDER - ok
    13:41:15.0456 3556 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
    13:41:15.0488 3556 TrkWks - ok
    13:41:15.0494 3556 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
    13:41:15.0526 3556 TrustedInstaller - ok
    13:41:15.0550 3556 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    13:41:15.0579 3556 tssecsrv - ok
    13:41:15.0594 3556 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    13:41:15.0650 3556 TsUsbFlt - ok
    13:41:15.0664 3556 tsusbhub - ok
    13:41:15.0680 3556 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    13:41:15.0711 3556 tunnel - ok
    13:41:15.0725 3556 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    13:41:15.0737 3556 uagp35 - ok
    13:41:15.0754 3556 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    13:41:15.0786 3556 udfs - ok
    13:41:15.0800 3556 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
    13:41:15.0816 3556 UI0Detect - ok
    13:41:15.0830 3556 UimBus (34859d3801f4bd3dacfa131dd928455a) C:\Windows\system32\DRIVERS\uimx64.sys
    13:41:15.0841 3556 UimBus - ok
    13:41:15.0860 3556 Uim_IM (d3ce4776e7ffb25e6935b1c797f4650c) C:\Windows\system32\Drivers\Uim_IMx64.sys
    13:41:15.0877 3556 Uim_IM - ok
    13:41:15.0895 3556 Uim_VIM (532e4bed5c7803b2ee5681818b2528b7) C:\Windows\system32\Drivers\uim_vimx64.sys
    13:41:15.0909 3556 Uim_VIM - ok
    13:41:15.0924 3556 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    13:41:15.0936 3556 uliagpkx - ok
    13:41:15.0951 3556 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    13:41:15.0965 3556 umbus - ok
    13:41:15.0979 3556 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    13:41:15.0992 3556 UmPass - ok
    13:41:16.0006 3556 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
    13:41:16.0022 3556 UmRdpService - ok
    13:41:16.0037 3556 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
    13:41:16.0072 3556 upnphost - ok
    13:41:16.0086 3556 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
    13:41:16.0110 3556 upperdev - ok
    13:41:16.0124 3556 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
    13:41:16.0139 3556 usbccgp - ok
    13:41:16.0154 3556 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    13:41:16.0169 3556 usbcir - ok
    13:41:16.0184 3556 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
    13:41:16.0198 3556 usbehci - ok
    13:41:16.0215 3556 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
    13:41:16.0232 3556 usbhub - ok
    13:41:16.0247 3556 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
    13:41:16.0260 3556 usbohci - ok
    13:41:16.0275 3556 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    13:41:16.0289 3556 usbprint - ok
    13:41:16.0303 3556 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
    13:41:16.0318 3556 usbser - ok
    13:41:16.0333 3556 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
    13:41:16.0356 3556 UsbserFilt - ok
    13:41:16.0371 3556 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    13:41:16.0385 3556 USBSTOR - ok
    13:41:16.0400 3556 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
    13:41:16.0413 3556 usbuhci - ok
    13:41:16.0425 3556 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
    13:41:16.0459 3556 UxSms - ok
    13:41:16.0470 3556 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    13:41:16.0483 3556 VaultSvc - ok
    13:41:16.0497 3556 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    13:41:16.0508 3556 vdrvroot - ok
    13:41:16.0524 3556 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
    13:41:16.0559 3556 vds - ok
    13:41:16.0574 3556 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    13:41:16.0589 3556 vga - ok
    13:41:16.0603 3556 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    13:41:16.0634 3556 VgaSave - ok
    13:41:16.0648 3556 VGPU - ok
    13:41:16.0665 3556 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    13:41:16.0679 3556 vhdmp - ok
    13:41:16.0693 3556 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    13:41:16.0704 3556 viaide - ok
    13:41:16.0720 3556 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
    13:41:16.0733 3556 vmbus - ok
    13:41:16.0748 3556 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
    13:41:16.0760 3556 VMBusHID - ok
    13:41:16.0776 3556 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    13:41:16.0787 3556 volmgr - ok
    13:41:16.0804 3556 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    13:41:16.0820 3556 volmgrx - ok
    13:41:16.0837 3556 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    13:41:16.0853 3556 volsnap - ok
    13:41:16.0869 3556 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    13:41:16.0882 3556 vsmraid - ok
    13:41:16.0906 3556 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
    13:41:16.0950 3556 VSS - ok
    13:41:16.0966 3556 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
    13:41:16.0981 3556 vwifibus - ok
    13:41:16.0995 3556 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
    13:41:17.0031 3556 W32Time - ok
    13:41:17.0047 3556 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    13:41:17.0060 3556 WacomPen - ok
    13:41:17.0076 3556 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    13:41:17.0106 3556 WANARP - ok
    13:41:17.0109 3556 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    13:41:17.0138 3556 Wanarpv6 - ok
    13:41:17.0162 3556 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
    13:41:17.0192 3556 wbengine - ok
    13:41:17.0206 3556 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
    13:41:17.0225 3556 WbioSrvc - ok
    13:41:17.0239 3556 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
    13:41:17.0260 3556 wcncsvc - ok
    13:41:17.0272 3556 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
    13:41:17.0287 3556 WcsPlugInService - ok
    13:41:17.0302 3556 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    13:41:17.0312 3556 Wd - ok
    13:41:17.0332 3556 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    13:41:17.0351 3556 Wdf01000 - ok
    13:41:17.0364 3556 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
    13:41:17.0391 3556 WdiServiceHost - ok
    13:41:17.0394 3556 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
    13:41:17.0411 3556 WdiSystemHost - ok
    13:41:17.0425 3556 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
    13:41:17.0446 3556 WebClient - ok
    13:41:17.0460 3556 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
    13:41:17.0494 3556 Wecsvc - ok
    13:41:17.0506 3556 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
    13:41:17.0538 3556 wercplsupport - ok
    13:41:17.0551 3556 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
    13:41:17.0583 3556 WerSvc - ok
    13:41:17.0598 3556 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    13:41:17.0629 3556 WfpLwf - ok
    13:41:17.0644 3556 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    13:41:17.0654 3556 WIMMount - ok
    13:41:17.0658 3556 WinDefend - ok
    13:41:17.0660 3556 WinHttpAutoProxySvc - ok
    13:41:17.0676 3556 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
    13:41:17.0709 3556 Winmgmt - ok
    13:41:17.0736 3556 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
    13:41:17.0788 3556 WinRM - ok
    13:41:17.0806 3556 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    13:41:17.0822 3556 WinUsb - ok
    13:41:17.0841 3556 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
    13:41:17.0867 3556 Wlansvc - ok
    13:41:17.0882 3556 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    13:41:17.0895 3556 WmiAcpi - ok
    13:41:17.0912 3556 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
    13:41:17.0928 3556 wmiApSrv - ok
    13:41:17.0931 3556 WMPNetworkSvc - ok
    13:41:17.0943 3556 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
    13:41:17.0957 3556 WPCSvc - ok
    13:41:17.0970 3556 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
    13:41:17.0987 3556 WPDBusEnum - ok
    13:41:18.0001 3556 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    13:41:18.0032 3556 ws2ifsl - ok
    13:41:18.0044 3556 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
    13:41:18.0062 3556 wscsvc - ok
    13:41:18.0073 3556 WSearch - ok
    13:41:18.0101 3556 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
    13:41:18.0157 3556 wuauserv - ok
    13:41:18.0172 3556 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    13:41:18.0203 3556 WudfPf - ok
    13:41:18.0218 3556 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    13:41:18.0250 3556 WUDFRd - ok
    13:41:18.0262 3556 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
    13:41:18.0292 3556 wudfsvc - ok
    13:41:18.0306 3556 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
    13:41:18.0325 3556 WwanSvc - ok
    13:41:18.0330 3556 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    13:41:18.0359 3556 \Device\Harddisk0\DR0 - ok
    13:41:18.0360 3556 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
    13:41:18.0427 3556 \Device\Harddisk1\DR1 - ok
    13:41:18.0434 3556 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
    13:41:18.0566 3556 \Device\Harddisk2\DR2 - ok
    13:41:18.0567 3556 Boot (0x1200) (c1e7289526f1488585aa93657b17f3e8) \Device\Harddisk0\DR0\Partition0
    13:41:18.0568 3556 \Device\Harddisk0\DR0\Partition0 - ok
    13:41:18.0568 3556 Boot (0x1200) (bbf02225c6b79d0df5becfba49094375) \Device\Harddisk0\DR0\Partition1
    13:41:18.0569 3556 \Device\Harddisk0\DR0\Partition1 - ok
    13:41:18.0570 3556 Boot (0x1200) (02bde9c5a37c692cca6aef4a80575d73) \Device\Harddisk1\DR1\Partition0
    13:41:18.0571 3556 \Device\Harddisk1\DR1\Partition0 - ok
    13:41:18.0571 3556 Boot (0x1200) (926888faff2e88ef8e1c0e3888528d9d) \Device\Harddisk1\DR1\Partition1
    13:41:18.0572 3556 \Device\Harddisk1\DR1\Partition1 - ok
    13:41:18.0573 3556 Boot (0x1200) (bffac1465be97d9e04c18b9ab8b04a4f) \Device\Harddisk1\DR1\Partition2
    13:41:18.0574 3556 \Device\Harddisk1\DR1\Partition2 - ok
    13:41:18.0576 3556 Boot (0x1200) (3a0384995f02ae85daf1e85c96e259f5) \Device\Harddisk2\DR2\Partition0
    13:41:18.0578 3556 \Device\Harddisk2\DR2\Partition0 - ok
    13:41:18.0578 3556 ============================================================
    13:41:18.0578 3556 Scan finished
    13:41:18.0578 3556 ============================================================
    13:41:19.0120 4804 Deinitialize success

    ==============================================
    System Restore Point Check:

    TDSSKiller Starter Restore Point Created Succesfully
    ==============================================
    EOF


  • ComboFix 12-04-04.02 - Desktop1 06-04-2012 13:49:28.1.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.12031.10858 [GMT 2:00]
    Gestart vanuit: c:\users\Desktop1\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    F:\install.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-03-06 to 2012-04-06 ))))))))))))))))))))))))))))))
    .
    .
    2012-04-06 11:40 . 2012-04-06 11:41 -------- d-----w- C:\TDSSStarter
    2012-04-06 11:02 . 2012-04-06 11:02 -------- d-----w- C:\archive_db
    2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\backup
    2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\explauncher
    2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\launcher
    2012-04-06 10:57 . 2012-04-06 10:57 -------- d-----w- c:\program files (x86)\Paragon Software
    2012-04-06 09:27 . 2012-04-06 09:28 -------- d-----w- c:\program files (x86)\Scan Assistant
    2012-04-06 09:27 . 2012-04-06 09:27 -------- d-----w- c:\program files\Common Files\Common Desktop Agent
    2012-04-06 09:27 . 2012-04-06 09:27 -------- d-----w- c:\program files (x86)\Common Files\Common Desktop Agent
    2012-04-06 09:26 . 2012-04-06 09:27 -------- d-----w- c:\program files (x86)\Samsung
    2012-04-05 19:30 . 2012-04-06 09:27 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Samsung
    2012-04-05 19:29 . 2011-12-20 10:53 149880 ----a-w- c:\windows\Wiainst64.exe
    2012-04-05 19:29 . 2011-03-21 08:37 49152 ----a-r- c:\windows\SysWow64\Ssusbpn.dll
    2012-04-05 19:29 . 2011-03-21 08:37 43520 ----a-r- c:\windows\system32\Ssusbp64.dll
    2012-04-05 19:29 . 2011-03-18 05:49 323072 ----a-r- c:\windows\system32\SaMinDrv.dll
    2012-04-05 19:29 . 2011-03-18 05:49 123904 ----a-r- c:\windows\system32\SaImgFlt.dll
    2012-04-05 19:29 . 2011-03-18 05:49 55296 ----a-r- c:\windows\system32\SaErHdlr.dll
    2012-04-05 19:29 . 2012-04-06 09:27 -------- d-----w- c:\programdata\Samsung
    2012-04-05 19:29 . 2011-05-02 04:40 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\ssm1mpc.dll
    2012-04-05 19:28 . 2011-05-02 04:40 34304 ----a-w- c:\windows\system32\ssm1mlm.dll
    2012-04-05 19:28 . 2011-03-22 08:31 151552 ----a-w- c:\windows\system32\ssm1mci.exe
    2012-04-05 19:28 . 2011-03-22 08:31 89600 ----a-w- c:\windows\system32\ssm1mci.dll
    2012-04-05 06:15 . 2012-04-05 06:15 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Malwarebytes
    2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\programdata\Malwarebytes
    2012-03-31 15:58 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-03-31 13:28 . 2012-03-31 13:28 -------- d--h--w- c:\programdata\CanonIJEGV
    2012-03-29 14:48 . 2012-03-29 14:29 13464 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
    2012-03-29 14:48 . 2012-03-29 14:29 43672 ----a-w- c:\windows\system32\drivers\psmounter.sys
    2012-03-26 17:12 . 2012-04-05 06:34 -------- d-----w- c:\users\Desktop1\AppData\Roaming\QuickScan
    2012-03-18 18:56 . 2012-03-18 18:56 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
    2012-03-18 18:56 . 2012-03-18 18:56 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
    2012-03-16 20:06 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
    2012-03-16 20:06 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-03-16 20:06 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-03-16 20:06 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-03-16 20:06 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
    2012-03-16 20:06 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
    2012-03-16 20:06 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
    2012-03-16 20:06 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
    2012-03-16 20:06 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
    2012-03-16 20:06 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-03-16 20:06 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-03-13 18:31 . 2012-03-13 19:50 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Belastingdienst
    2012-03-12 18:40 . 2012-03-12 18:40 -------- d-----w- c:\users\Desktop1\AppData\Roaming\f-secure
    2012-03-12 18:40 . 2012-03-12 18:40 -------- d-----w- c:\programdata\F-Secure
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-04-05 06:15 . 2011-09-21 14:20 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-03-11 21:13 . 2011-06-30 07:38 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
    2012-03-11 21:13 . 2011-06-30 07:38 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
    2012-03-11 21:13 . 2011-06-30 07:38 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys
    2012-03-11 21:13 . 2011-10-21 11:23 41200 ----a-w- c:\windows\system32\cmdcsr.dll
    2012-03-11 21:13 . 2011-06-30 07:37 301224 ----a-w- c:\windows\SysWow64\guard32.dll
    2012-03-11 21:13 . 2011-06-30 07:37 389840 ----a-w- c:\windows\system32\guard64.dll
    2012-03-02 08:38 . 2011-09-27 15:04 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-08-27 638736]
    "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
    "NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
    "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-03-30 113296]
    "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
    "AvgUninstallURL"="start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk&inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ&prod=90&ver=2012.0.1809&mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586" [?]
    .
    c:\users\Desktop1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2011-11-10 2430464]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync
    estart
    .
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 253600]
    R3 cpuz134;cpuz134;c:\users\Desktop1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
    R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
    R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
    S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
    S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
    S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys [x]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2012-03-29 301720]
    S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
    S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
    S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - WS2IFSL
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 06:15]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-21 11057768]
    "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
    "CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    "AppInit_DLLs"=c:\windows\System32\guard64.dll
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
    Trusted Zone: samsungsetup.com\www
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.9"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
    "v5Licence0"="15-ZPW3-5BEC-7GJ2-91R9-ME4S-MP2VRN5"
    "Activated"="Y"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-04-06 13:57:50 - machine werd herstart
    ComboFix-quarantined-files.txt 2012-04-06 11:57
    .
    Pre-Run: 58.772.000.768 bytes beschikbaar
    Post-Run: 58.489.098.240 bytes beschikbaar
    .
    - - End Of File - - 1F7B1C9D50606E665582D3C08C13A30E
  • Did you try out F-Secure as a demo version?

    Make sure all open web browser windows are closed.
    Open a new Notepad (Kladblok) file via "Start\Alle programma’s\Bureau-accessoires\[b:e045e7bb47]Kladblok (or Notepad)[/b:e045e7bb47]".

    Copy and paste the following (bold, blue) text into the empty Notepad window:


    [b:e045e7bb47]ClearJavaCache::

    Folder::
    c:\programdata\F-Secure[/b:e045e7bb47]


    Save this Notepad file to your desktop as [b:e045e7bb47]CFScript.txt[/b:e045e7bb47].

    [b:e045e7bb47]Now first disable the antivirus![/b:e045e7bb47]


    Drag CFScript.txt onto ComboFix.exe


    [img:e045e7bb47]http://crew.nucia.eu/smeenk/CFScript.gif[/img:e045e7bb47]

    This will make ComboFix restart. Reboot if you are asked to.


    Post the ComboFix log that is shown after the restart!
    If ComboFix restarted your computer (or you did so yourself), you will also find the log in [b:e045e7bb47]C:\Combofix.txt[/b:e045e7bb47]

    [b:e045e7bb47]Important note[/b:e045e7bb47]:
    [list:e045e7bb47][*:e045e7bb47][b:e045e7bb47]If, after the scan, an error is shown when starting programs, with the message:[/b:e045e7bb47]
    [*:e045e7bb47][b:e045e7bb47]Illegal operation attempted on a registry key that has been marked for deletion.[/b:e045e7bb47]
    [*:e045e7bb47][b:e045e7bb47]Then restart the computer.[/b:e045e7bb47][/list:u:e045e7bb47]
  • Did you try out F-Secure as a demo version?

    Besides AVG, I regularly use F-Secure as an online scanner.

    Should I nevertheless follow your further instructions with ClearJavaCache::?

    And have you been able to find anything else in connection with lsass.exe?

    Thanks,
  • I also clean my computer with CCleaner. Can that also be set up so that it removes the cache? There is something about cache under Advanced: DNS cache, system tray cache and font cache. Or am I mixing things up now?
  • Indeed, just leave out the ComboFix script if it only concerns the F-Secure online scanner.

    As for those folders: just let Windows manage them.

    [b:56f7905949]Run the ESET online scan (click).[/b:56f7905949]
    [list:56f7905949]
    [*:56f7905949]Click the [b:56f7905949]ESET Online Scanner[/b:56f7905949] button
    [*:56f7905949]Tick [b:56f7905949]YES, I accept the Terms of Use[/b:56f7905949]
    [*:56f7905949]Click [b:56f7905949]Start[/b:56f7905949]
    [*:56f7905949]Allow the ActiveX control to install.
    [*:56f7905949]Tick the following options:
    [list:56f7905949][*:56f7905949][b:56f7905949]Remove found threats[/b:56f7905949]
    [*:56f7905949][b:56f7905949]Scan archives[/b:56f7905949][/list:u:56f7905949]
    [*:56f7905949]Then click [b:56f7905949]"Advanced Settings"[/b:56f7905949]
    [list:56f7905949][*:56f7905949][b:56f7905949]Scan for potentially unwanted applications[/b:56f7905949]
    [*:56f7905949][b:56f7905949]Scan for potentially unsafe applications[/b:56f7905949]
    [*:56f7905949][b:56f7905949]Enable Anti-Stealth technology [/b:56f7905949][/list:u:56f7905949]
    [*:56f7905949]Click [b:56f7905949]Start[/b:56f7905949]
    [*:56f7905949]The computer is now being scanned. This can take quite a long time, so be patient.
    [*:56f7905949]Once the scan is finished, you may close the window, since the scan is done.
    [*:56f7905949]Then go to C:\Program Files\ESET\ESET Online Scanner and click log.txt there
    [*:56f7905949]Then select, copy and paste the contents of this log into your next post.[/list:u:56f7905949]
    [b:56f7905949]N.B.: temporarily disable your own antivirus during the scan; the online scan will then be faster![/b:56f7905949]
  • Here are the results:
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=3604d7a1a4f26d40bd5b0c4643b9ff63
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2012-04-08 08:01:25
    # local_time=2012-04-08 10:01:25 (+0100, West-Europa (zomertijd))
    # country="Netherlands"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=1024 16777215 100 0 17297759 17297759 0 0
    # compatibility_mode=3073 16777213 80 71 2330076 9593981 0 0
    # compatibility_mode=5893 16776574 100 94 17283990 85541415 0 0
    # compatibility_mode=8192 67108863 100 0 134 134 0 0
    # scanned=175123
    # found=8
    # cleaned=8
    # scan_time=3720
    C:\Users\Desktop1\Downloads\cnet2_dvdflick_setup_1_3_0_7_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\Users\Desktop1\Downloads\cnet_SopCast_zip.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\Users\Desktop1\Downloads\CrystalDiskMark3_0_1b-en.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
    C:\Users\Desktop1\Downloads\SoftonicDownloader_for_sopcast.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    H:\laptop schijf D juli 2008\verwisselbare schijf november 2006\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    H:\Nieuwe map\nieuw HDD\Install\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    H:\Nieuwe map\nieuw HDD\laptop schijf D juli 2008\verwisselbare schijf november 2006\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    H:\Nieuwe map\nieuw HDD\laptop schijf D juli 2008\verwisselbare schijf november 2006\WINRAR\WinRAR v3.60 corporate FINAL.rar probably a variant of Win32/Agent.FTMYHHE trojan (deleted - quarantined) 00000000000000000000000000000000 C
  • Hello Jan, a small warning about downloading via CNET and SofTonic.
    The downloads from these sites come in a wrapper.
    CNET's is more harmless in that respect than SofTonic's, which in some cases even installs the nasty Babylon Toolbar without your knowing about it!
    In any case, spyware is also put on your PC to transmit usage data!

    And completely remove those old downloads from 2006/2008.
    You really don't need them anymore.

    By the way, are you still experiencing any problems in your Windows?
  • [quote:50563da07c="Abraham54"]Hello Jan, a small warning about downloading via CNET and SofTonic.
    The downloads from these sites come in a wrapper.
    CNET's is more harmless in that respect than SofTonic's, which in some cases even installs the nasty Babylon Toolbar without your knowing about it!
    In any case, spyware is also put on your PC to transmit usage data!

    And completely remove those old downloads from 2006/2008.
    You really don't need them anymore.

    By the way, are you still experiencing any problems in your Windows?[/quote:50563da07c]

    I thought downloading via CNET and Softonic was safe... From which sites can you download 'safely', then? I have never really had much trouble with Windows. I was only wondering whether that lsass.exe file is safe and why the ports mentioned are not stealth. Apparently lsass.exe is a safe Windows file after all.

    NOD32 apparently finds more than AVG! I use the latter because it is free. Yes... I do indeed need to clean up my computer sometime.

    Thanks for looking into this and for your replies.

    Regards,
  • Avast 7 Free is even better than AVG.
    And it seems you previously used NOD illegitimately.
  • My use of NOD was indeed illegal. I think they should offer software much more cheaply. Then the illegality would largely disappear by itself too.
    Thanks for all your replies.

This is an archived page. Replying is no longer possible.