Vraag & Antwoord

Beveiliging & privacy

Isass.exe? en poorten closed?

15 antwoorden
  • 1) Heb als firewall comodo. En deze geeft aan dat er een actief proces is: (gebruik windows 7) c:\windows\system32\Isass.exe [956] tcp luisteren op 49168 tcp luisteren op 49168 bytes in: 0 bytes out: 0 Wat is dit voor proces? Een virus oid? Het gekke is dat op deze computer Isass.exe wel als actief vermeld staat en op een andere computer bij mij niet. Hierop zit ook windows 7. Is dat gebruikelijk? 2) Als ik poorten scan via pc Flank zegt PCflank dat poorten 135, 137, 138, 139 closed zijn. Test ik deze poorten via GRC/ shield up dan zijn al mijn poorten stealth. Vreemd. Hoe kan dit? Kan dit te maken hebben dat ik een wireless printer gebruik: canon mp640? Zet ik op mijn router het wireless uit, dan zijn deze poorten stealth! Overigens heb ik het gevoel dat mijn computer het gewoon goed doet! Maar toch even deze vragen.
  • Het kan zijn dat het bestand door malware is aangepast! Want in mijn OnlineArmor komt het bestand niet voor als luisterend. [b:4ab14ae47e]Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:[/b:4ab14ae47e] [color=#0000FF:4ab14ae47e][list:4ab14ae47e][*:4ab14ae47e]Lees telkens elke instruktie eerst goed door. [*:4ab14ae47e]De gegeven instrukties gelden alleen jouw Windows. [*:4ab14ae47e]Maak je fouten bij de uitvoering van tools tijdens de fix, kan dat mogelijk serieuze problemen in Windows veroorzaken. [*:4ab14ae47e][b:4ab14ae47e]Installeer geen nieuwe programma's, updates of nieuwe hardware terwijl we met de fix bezig zijn. [*:4ab14ae47e]Gebruik ook geen andere programma's of tools dan diegenen waartoe ik opdracht geef.[/b:4ab14ae47e] [*:4ab14ae47e] Emoticons (smileys) a.u.b. uitzetten, wanneer je een log post. [*:4ab14ae47e]Gebruik altijd één scanner per keer, nooit meerdere tegelijk gebruiken. [*:4ab14ae47e]Hou mij op de hoogte hoe jou computer op de fix reageert - goed of slecht. [*:4ab14ae47e]Ook indien je iets niet begrijpt, meldt dat dan. [*:4ab14ae47e]De fix, eenmaal gestart, dient afgewerkt te worden. Zelfs indien jij denkt dat alles in orde is, zijn er mogelijk nog steeds infecties.[/list:u:4ab14ae47e][/color:4ab14ae47e] [color=#FF0000:4ab14ae47e][b:4ab14ae47e]Stap •1•[/b:4ab14ae47e][/color:4ab14ae47e] [b:4ab14ae47e]Welk programma[/b:4ab14ae47e]: sUbs [b:4ab14ae47e]dds[/b:4ab14ae47e] [b:4ab14ae47e]Waarvoor/waarom[/b:4ab14ae47e]: DDS is een diagnosetool en maakt gebruik van scripts. [b:4ab14ae47e]Moeilijkheidsgraad[/b:4ab14ae47e]: Lees eerst goed wat te doen. [b:4ab14ae47e]Downloadlokatie[/b:4ab14ae47e]: Dit programma absoluut naar het bureaublad downloaden of anders eerst daar naar toe verplaatsen! [b:4ab14ae47e]Download DDS[/b:4ab14ae47e] van [b:4ab14ae47e]sUBS[/b:4ab14ae47e] van één van deze locaties en plaats het op je [b:4ab14ae47e]bureaublad[/b:4ab14ae47e]: [b:4ab14ae47e][url=http://download.bleepingcomputer.com/sUBs/dds.com]DDS - Bleeping Computer download[/url]. [url=http://download.bleepingcomputer.com/sUBs/dds.scr]DDS - Bleeping Computer download[/url]. [url=http://www.infospyware.net/sUBs/dds]DDS - Infospyware[/url].[/b:4ab14ae47e] [img:4ab14ae47e]http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif[/img:4ab14ae47e] [b:4ab14ae47e]sUBs dds.scr gebruiken[/b:4ab14ae47e]: [list:4ab14ae47e][*:4ab14ae47e][b:4ab14ae47e][color=#FF0000:4ab14ae47e]Belangrijk[/color:4ab14ae47e][/b:4ab14ae47e]: deaktiveer eerst de antivirussoftware en de aktieve spywarescanners! [*:4ab14ae47e] [b:4ab14ae47e][color=#0000FF:4ab14ae47e]Sluit vervolgens eerst alle nog openstaande programmavensters![/color:4ab14ae47e][/b:4ab14ae47e] [list:4ab14ae47e][*:4ab14ae47e]Windows 2000 en Windows XP: start sUBs dds.scr middels dubbelklik op de snelkoppeling. [*:4ab14ae47e]Windows Vista en Windows 7: start sUBs dds.scr rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:4ab14ae47e] [*:4ab14ae47e] Na de scan worden twee tekstdocumnenten geopend - DDS.txt en Attach.txt [*:4ab14ae47e] Kopieer en plak de gehele inhoud van de [b:4ab14ae47e]DDS-logfile[/b:4ab14ae47e] in jouw volgende bericht. [*:4ab14ae47e] Attach.txt post je pas wanneer ik er om vraag.[/list:u:4ab14ae47e] [color=#FF0000:4ab14ae47e][b:4ab14ae47e]Stap •2•[/b:4ab14ae47e][/color:4ab14ae47e] [b:4ab14ae47e]Welk programma[/b:4ab14ae47e]: Malwarebytes MBAM [b:4ab14ae47e]Waarvoor/waarom[/b:4ab14ae47e]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:4ab14ae47e]Moeilijkheidsgraad[/b:4ab14ae47e]: geen. [b:4ab14ae47e]Download Malwarebytes MBAM via één van deze locaties[/b:4ab14ae47e]: [list:4ab14ae47e][*:4ab14ae47e][url=http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s][b:4ab14ae47e]Softpedia.com[/b:4ab14ae47e][/url][*:4ab14ae47e][url=http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html][b:4ab14ae47e]Majorgeeks.com[/b:4ab14ae47e][/url][/list:u:4ab14ae47e] [b:4ab14ae47e]Allereerst[/b:4ab14ae47e]:[list:4ab14ae47e][*:4ab14ae47e] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus. [*:4ab14ae47e] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'! [b:4ab14ae47e]Malwarebytes MBAM opstarten[/b:4ab14ae47e]: [list:4ab14ae47e][*:4ab14ae47e] [b:4ab14ae47e][color=#0000FF:4ab14ae47e]Sluit nu eerst alle nog openstaande programmavensters![/color:4ab14ae47e][/b:4ab14ae47e] [list:4ab14ae47e][*:4ab14ae47e][b:4ab14ae47e][color=#0000FF:4ab14ae47e]Windows 2000[/color:4ab14ae47e][/b:4ab14ae47e] en [color=#0000FF:4ab14ae47e][b:4ab14ae47e]Windows XP[/b:4ab14ae47e][/color:4ab14ae47e]: start MBAM middels dubbelklik op de snelkoppeling. [*:4ab14ae47e][color=#0000FF:4ab14ae47e][b:4ab14ae47e]Windows Vista[/b:4ab14ae47e][/color:4ab14ae47e] en [color=#0000FF:4ab14ae47e][b:4ab14ae47e]Windows 7[/b:4ab14ae47e][/color:4ab14ae47e]: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:4ab14ae47e][/list:u:4ab14ae47e][/list:u:4ab14ae47e] [list:4ab14ae47e][*:4ab14ae47e][b:4ab14ae47e]Let op:[/b:4ab14ae47e] [list:4ab14ae47e][*:4ab14ae47e]Malwarebytes verstrekt nu de volledige versie van MBAM. [*:4ab14ae47e]Bij de eerstse start kijg je de mogelijkheid de volledige versie te gebruiken of de gratis versie. [*:4ab14ae47e]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken. [*:4ab14ae47e]Zodoende zal MBAM als gratis versie verder te gebruiken zijn[/list:u:4ab14ae47e] [img:4ab14ae47e]http://img30.imageshack.us/img30/3928/mbam2.png[/img:4ab14ae47e] [*:4ab14ae47e][b:4ab14ae47e]Doe ook nog het volgende:[/b:4ab14ae47e] [list:4ab14ae47e][*:4ab14ae47e]Zodra het programma gestart is, ga dan naar het tabblad "[b:4ab14ae47e]Instellingen[/b:4ab14ae47e]". [*:4ab14ae47e]Vink hier aan: "[b:4ab14ae47e]Sluit Internet Explorer tijdens verwijdering van malware[/b:4ab14ae47e]".[/list:u:4ab14ae47e][/list:u:4ab14ae47e] [b:4ab14ae47e]Scannen[/b:4ab14ae47e]: [list:4ab14ae47e][*:4ab14ae47e] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'. [*:4ab14ae47e]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'. [*:4ab14ae47e]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:4ab14ae47e] [b:4ab14ae47e]Infecties gevonden[/b:4ab14ae47e]: [list:4ab14ae47e][*:4ab14ae47e]Klik nu eerst op OK om de melding weg te klikken [*:4ab14ae47e]Klik vervolgens rechtsonder op de knop Bekijk resultaten. [*:4ab14ae47e]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde. [*:4ab14ae47e]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [*:4ab14ae47e]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken! [*:4ab14ae47e]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:4ab14ae47e] [b:4ab14ae47e]MBAM-Log[/b:4ab14ae47e]: [list:4ab14ae47e][*:4ab14ae47e] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'. [/list:u:4ab14ae47e] [b:4ab14ae47e]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:4ab14ae47e]
  • . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31 Run by Desktop1 at 16:28:06 on 2012-04-03 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.12031.10375 [GMT 2:00] . AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Macrium\Reflect\ReflectService.exe C:\Program Files\CyberLink\Shared files\RichVideo64.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\Sandboxie\SbieCtrl.exe C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup uRun: [<NO NAME>] uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ"&"prod=90"&"ver=2012.0.1809"&"mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586 StartupFolder: C:\Users\Desktop1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SPAMIH~1.LNK - C:\Program Files (x86)\Spamihilator\spamihilator.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{9459511D-A535-4795-A9E8-4BAB8490A8F6} : DhcpNameServer = 192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} {72853161-30C5-4D22-B7F9-0BBC1D38A37E} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {DBC80044-A445-435b-BC74-9C25C1C588A9} {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun-x64: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ"&"prod=90"&"ver=2012.0.1809"&"mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586 AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?] R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?] R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-3-29 301720] R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-10-9 386344] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-8-27 156288] S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys --> C:\Windows\system32\drivers\nmwcdnsucx64.sys [?] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys --> C:\Windows\system32\drivers\nmwcdnsux64.sys [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] . =============== Created Last 30 ================ . 2012-03-31 15:58:43 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\Malwarebytes 2012-03-31 15:58:37 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-31 15:58:37 -------- d-----w- C:\ProgramData\Malwarebytes 2012-03-31 15:58:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-03-31 13:28:53 -------- d--h--w- C:\ProgramData\CanonIJEGV 2012-03-29 14:48:54 43672 ----a-w- C:\Windows\System32\drivers\psmounter.sys 2012-03-29 14:48:54 13464 ----a-w- C:\Windows\System32\drivers\PSVolAcc.sys 2012-03-26 17:12:48 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\QuickScan 2012-03-18 18:56:05 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll 2012-03-18 18:56:05 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll 2012-03-16 20:06:12 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-03-16 20:06:12 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-03-16 20:06:12 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-03-16 20:06:12 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-03-16 20:06:09 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-03-16 20:06:09 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-03-16 20:06:08 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-03-16 20:06:08 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-03-16 20:06:08 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-03-16 20:06:08 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll 2012-03-16 20:06:08 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-03-13 18:31:58 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\Belastingdienst 2012-03-12 18:40:34 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\f-secure 2012-03-12 18:40:26 -------- d-----w- C:\ProgramData\F-Secure . ==================== Find3M ==================== . 2012-03-11 21:13:41 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys 2012-03-11 21:13:40 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys 2012-03-11 21:13:38 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys 2012-03-11 21:13:20 41200 ----a-w- C:\Windows\System32\cmdcsr.dll 2012-03-11 21:13:18 301224 ----a-w- C:\Windows\SysWow64\guard32.dll 2012-03-11 21:13:17 389840 ----a-w- C:\Windows\System32\guard64.dll 2012-03-02 08:38:15 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-02-22 14:33:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl . ============= FINISH: 16:28:28,49 =============== Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.04.03.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Desktop1 :: DESKTOP1-PC [administrator] 3-4-2012 16:31:35 mbam-log-2012-04-03 (16-31-35).txt Scantype: Volledige scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 344588 Verstreken tijd: 16 minuut/minuten, 49 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  • Je mag het volgende gaan doen: [color=#FF0000:e3fc04d98a][b:e3fc04d98a]Stap •1•[/b:e3fc04d98a][/color:e3fc04d98a] [b:e3fc04d98a]Welk programma[/b:e3fc04d98a]: [b:e3fc04d98a]TDSSStarter.exe[/b:e3fc04d98a] [b:e3fc04d98a]Waarvoor/waarom[/b:e3fc04d98a]: Rootkitscanner [b:e3fc04d98a]Moeilijkheidsgraad[/b:e3fc04d98a]: geen Download [b:e3fc04d98a][url=http://home.kpn.nl/stefsmeenk/tools/TDSSKStarter.exe]TDSSStarter[/url][/b:e3fc04d98a] naar het bureaublad. [b:e3fc04d98a]"TDSSSStarter.exe" gebruiken[/b:e3fc04d98a]: [list:e3fc04d98a][*:e3fc04d98a] [b:e3fc04d98a][color=#0000FF:e3fc04d98a]Sluit nu eerst alle nog openstaande programmavensters![/color:e3fc04d98a][/b:e3fc04d98a] [list:e3fc04d98a][*:e3fc04d98a][b:e3fc04d98a][color=#0000FF:e3fc04d98a]Windows 2000[/color:e3fc04d98a][/b:e3fc04d98a] en [color=#0000FF:e3fc04d98a][b:e3fc04d98a]Windows XP[/b:e3fc04d98a][/color:e3fc04d98a]: start het tool middels dubbelklik op "[i:e3fc04d98a] TDSSStarter .exe[/i:e3fc04d98a]". [*:e3fc04d98a][color=#0000FF:e3fc04d98a][b:e3fc04d98a]Windows Vista[/b:e3fc04d98a][/color:e3fc04d98a] en [color=#0000FF:e3fc04d98a][b:e3fc04d98a]Windows 7[/b:e3fc04d98a][/color:e3fc04d98a]: start het tool middels rechtsklik op "[i:e3fc04d98a]TDSSStarter.exe[/i:e3fc04d98a]" en dan kiezen voor [i:e3fc04d98a][b:e3fc04d98a]Als Administrator uitvoeren[/b:e3fc04d98a][/i:e3fc04d98a].[/list:u:e3fc04d98a] [*:e3fc04d98a]Vervolgens zal een CMD-venster gestart worden en wanneer de scan gereed is weer automatisch sluiten. [*:e3fc04d98a]Post nu de inhoud van het geopende kladblokbestand in het volgende bericht.[/list:u:e3fc04d98a] [color=#FF0000:e3fc04d98a][b:e3fc04d98a]Stap •2•[/b:e3fc04d98a][/color:e3fc04d98a] [b:e3fc04d98a]Welk programma[/b:e3fc04d98a]: ComboFix [b:e3fc04d98a]Waarvoor/waarom[/b:e3fc04d98a]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen. [b:e3fc04d98a]Moeilijkheidsgraad[/b:e3fc04d98a]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed. [b:e3fc04d98a]Downloadlokatie[/b:e3fc04d98a]: Dit programma absoluut naar het bureaublad downloaden! [b:e3fc04d98a]Download ComboFix via één van deze locaties[/b:e3fc04d98a]: [list:e3fc04d98a][*:e3fc04d98a][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:e3fc04d98a]Bleepingcomputer[/b:e3fc04d98a][/url] [*:e3fc04d98a][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:e3fc04d98a]ForoSpyware[/b:e3fc04d98a][/url] [*:e3fc04d98a][url=http://subs.geekstogo.com/ComboFix.exe][b:e3fc04d98a]Geekstogo[/b:e3fc04d98a][/url][/list:u:e3fc04d98a] [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:e3fc04d98a]Hier[/b:e3fc04d98a][/url] zie je hoe je ComboFix moet gebruiken. Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn! [url=http://www.bleepingcomputer.com/forums/topic114351.html][b:e3fc04d98a]Hier[/b:e3fc04d98a][/url] en [url=http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html][b:e3fc04d98a]hier[/b:e3fc04d98a][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:e3fc04d98a]Voor alle duidelijkheid nogmaals[/b:e3fc04d98a]: ComboFix dient vanaf het bureaublad gestart te worden. [b:e3fc04d98a]Opmerkingen[/b:e3fc04d98a]: [list:e3fc04d98a][*:e3fc04d98a] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).[/list:u:e3fc04d98a] [b:e3fc04d98a]ComboFix opstarten[/b:e3fc04d98a]: [list:e3fc04d98a][*:e3fc04d98a] [b:e3fc04d98a][color=#0000FF:e3fc04d98a]Sluit nu eerst alle nog openstaande programmavensters![/color:e3fc04d98a][/b:e3fc04d98a] [list:e3fc04d98a][*:e3fc04d98a][b:e3fc04d98a][color=#0000FF:e3fc04d98a]Windows 2000[/color:e3fc04d98a][/b:e3fc04d98a] en [color=#0000FF:e3fc04d98a][b:e3fc04d98a]Windows XP[/b:e3fc04d98a][/color:e3fc04d98a]: start ComboFix.exe middels dubbelklik op ComboFix.exe. [*:e3fc04d98a][color=#0000FF:e3fc04d98a][b:e3fc04d98a]Windows Vista[/b:e3fc04d98a][/color:e3fc04d98a] en [color=#0000FF:e3fc04d98a][b:e3fc04d98a]Windows 7[/b:e3fc04d98a][/color:e3fc04d98a]: start ComboFix.exe via rechtsklik op ComboFix.exe en kies dan voor [i:e3fc04d98a][b:e3fc04d98a]Als Administrator uitvoeren[/b:e3fc04d98a][/i:e3fc04d98a].[/list:u:e3fc04d98a][/list:u:e3fc04d98a] [b:e3fc04d98a]ComboFix is opgestart[/b:e3fc04d98a]: [list:e3fc04d98a][*:e3fc04d98a]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:e3fc04d98a]Combofix sluit tijdens de scan de internet verbinding; probeer deze tussentijds niet te herstellen! [*:e3fc04d98a]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:e3fc04d98a]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:e3fc04d98a]Post de inhoud van dit logbestand in je volgende bericht. [*:e3fc04d98a]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:e3fc04d98a] [b:e3fc04d98a]Belangrijke opmerking[/b:e3fc04d98a]: [list:e3fc04d98a][*:e3fc04d98a][b:e3fc04d98a][color=Red:e3fc04d98a]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:e3fc04d98a][/b:e3fc04d98a] [*:e3fc04d98a][b:e3fc04d98a][color=blue:e3fc04d98a]Illegal operation attempted on a registery key that has been marked for deletion.[/color:e3fc04d98a][/b:e3fc04d98a] [*:e3fc04d98a][b:e3fc04d98a][color=Red:e3fc04d98a]Start dan de computer opnieuw op.[/color:e3fc04d98a][/b:e3fc04d98a][/list:u:e3fc04d98a] [color=#FF0000:e3fc04d98a][b:e3fc04d98a]Stap •3•[/b:e3fc04d98a][/color:e3fc04d98a] [b:e3fc04d98a]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:e3fc04d98a] [list:e3fc04d98a][*:e3fc04d98a] TDSSKStarter-log [*:e3fc04d98a] ComboFix.txt-log [/list:u:e3fc04d98a]
  • Nou daar komen ze: ( bedankt alvast voor je hulp) 13:41:01.0981 4708 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02 13:41:01.0982 4708 ============================================================ 13:41:01.0982 4708 Current date / time: 2012/04/06 13:41:01.0982 13:41:01.0982 4708 SystemInfo: 13:41:01.0982 4708 13:41:01.0982 4708 OS Version: 6.1.7601 ServicePack: 1.0 13:41:01.0982 4708 Product type: Workstation 13:41:01.0982 4708 ComputerName: DESKTOP1-PC 13:41:01.0983 4708 UserName: Desktop1 13:41:01.0983 4708 Windows directory: C:\Windows 13:41:01.0983 4708 System windows directory: C:\Windows 13:41:01.0983 4708 Running under WOW64 13:41:01.0983 4708 Processor architecture: Intel x64 13:41:01.0983 4708 Number of processors: 4 13:41:01.0983 4708 Page size: 0x1000 13:41:01.0983 4708 Boot type: Normal boot 13:41:01.0983 4708 ============================================================ 13:41:02.0245 4708 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:41:02.0246 4708 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:41:02.0250 4708 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 13:41:02.0285 4708 \Device\Harddisk0\DR0: 13:41:02.0285 4708 MBR used 13:41:02.0285 4708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 13:41:02.0285 4708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000 13:41:02.0285 4708 \Device\Harddisk1\DR1: 13:41:02.0285 4708 MBR used 13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31E000 13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x30D40000 13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3D091000, BlocksNum 0x37675000 13:41:02.0285 4708 \Device\Harddisk2\DR2: 13:41:02.0291 4708 MBR used 13:41:02.0291 4708 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682 13:41:02.0332 4708 Initialize success 13:41:02.0332 4708 ============================================================ 13:41:02.0362 3556 ============================================================ 13:41:02.0362 3556 Scan started 13:41:02.0362 3556 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent; 13:41:02.0362 3556 ============================================================ 13:41:02.0680 3556 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 13:41:02.0746 3556 1394ohci - ok 13:41:02.0762 3556 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 13:41:02.0777 3556 ACPI - ok 13:41:02.0790 3556 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 13:41:02.0813 3556 AcpiPmi - ok 13:41:02.0820 3556 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe 13:41:02.0832 3556 AdobeActiveFileMonitor7.0 - ok 13:41:02.0838 3556 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:41:02.0847 3556 AdobeARMservice - ok 13:41:02.0860 3556 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 13:41:02.0873 3556 AdobeFlashPlayerUpdateSvc - ok 13:41:02.0890 3556 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 13:41:02.0908 3556 adp94xx - ok 13:41:02.0924 3556 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 13:41:02.0939 3556 adpahci - ok 13:41:02.0954 3556 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 13:41:02.0967 3556 adpu320 - ok 13:41:02.0978 3556 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 13:41:03.0027 3556 AeLookupSvc - ok 13:41:03.0044 3556 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 13:41:03.0076 3556 AFD - ok 13:41:03.0090 3556 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 13:41:03.0101 3556 agp440 - ok 13:41:03.0113 3556 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 13:41:03.0129 3556 ALG - ok 13:41:03.0142 3556 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 13:41:03.0153 3556 aliide - ok 13:41:03.0167 3556 AMD External Events Utility (e0fd88ead5d8b1fae64a500d1d825c6d) C:\Windows\system32\atiesrxx.exe 13:41:03.0190 3556 AMD External Events Utility - ok 13:41:03.0203 3556 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 13:41:03.0213 3556 amdide - ok 13:41:03.0228 3556 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 13:41:03.0241 3556 AmdK8 - ok 13:41:03.0301 3556 amdkmdag (9337b5fabc03ca44cd355f700da9b25b) C:\Windows\system32\DRIVERS\atipmdag.sys 13:41:03.0383 3556 amdkmdag - ok 13:41:03.0399 3556 amdkmdap (560688a447e7a87f43774a2ff23a3e52) C:\Windows\system32\DRIVERS\atikmpag.sys 13:41:03.0416 3556 amdkmdap - ok 13:41:03.0430 3556 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 13:41:03.0444 3556 AmdPPM - ok 13:41:03.0458 3556 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys 13:41:03.0470 3556 amdsata - ok 13:41:03.0485 3556 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 13:41:03.0498 3556 amdsbs - ok 13:41:03.0512 3556 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys 13:41:03.0523 3556 amdxata - ok 13:41:03.0537 3556 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 13:41:03.0593 3556 AppID - ok 13:41:03.0604 3556 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 13:41:03.0635 3556 AppIDSvc - ok 13:41:03.0646 3556 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 13:41:03.0676 3556 Appinfo - ok 13:41:03.0689 3556 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 13:41:03.0705 3556 AppMgmt - ok 13:41:03.0719 3556 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 13:41:03.0730 3556 arc - ok 13:41:03.0744 3556 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 13:41:03.0756 3556 arcsas - ok 13:41:03.0770 3556 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 13:41:03.0801 3556 AsyncMac - ok 13:41:03.0815 3556 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 13:41:03.0825 3556 atapi - ok 13:41:03.0841 3556 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys 13:41:03.0854 3556 AtiHdmiService - ok 13:41:03.0868 3556 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys 13:41:03.0897 3556 AtiPcie - ok 13:41:03.0913 3556 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 13:41:03.0949 3556 AudioEndpointBuilder - ok 13:41:03.0956 3556 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 13:41:03.0989 3556 AudioSrv - ok 13:41:04.0029 3556 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe 13:41:04.0101 3556 AVGIDSAgent - ok 13:41:04.0115 3556 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys 13:41:04.0126 3556 AVGIDSDriver - ok 13:41:04.0140 3556 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys 13:41:04.0149 3556 AVGIDSEH - ok 13:41:04.0161 3556 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys 13:41:04.0171 3556 AVGIDSFilter - ok 13:41:04.0187 3556 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys 13:41:04.0200 3556 Avgldx64 - ok 13:41:04.0214 3556 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys 13:41:04.0223 3556 Avgmfx64 - ok 13:41:04.0248 3556 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys 13:41:04.0258 3556 Avgrkx64 - ok 13:41:04.0274 3556 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys 13:41:04.0288 3556 Avgtdia - ok 13:41:04.0295 3556 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 13:41:04.0307 3556 avgwd - ok 13:41:04.0319 3556 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 13:41:04.0342 3556 AxInstSV - ok 13:41:04.0359 3556 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 13:41:04.0377 3556 b06bdrv - ok 13:41:04.0393 3556 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 13:41:04.0409 3556 b57nd60a - ok 13:41:04.0422 3556 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 13:41:04.0437 3556 BDESVC - ok 13:41:04.0451 3556 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 13:41:04.0481 3556 Beep - ok 13:41:04.0499 3556 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 13:41:04.0535 3556 BFE - ok 13:41:04.0553 3556 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 13:41:04.0592 3556 BITS - ok 13:41:04.0606 3556 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 13:41:04.0620 3556 blbdrive - ok 13:41:04.0634 3556 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 13:41:04.0650 3556 bowser - ok 13:41:04.0663 3556 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 13:41:04.0686 3556 BrFiltLo - ok 13:41:04.0699 3556 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 13:41:04.0713 3556 BrFiltUp - ok 13:41:04.0725 3556 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 13:41:04.0756 3556 Browser - ok 13:41:04.0772 3556 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 13:41:04.0789 3556 Brserid - ok 13:41:04.0803 3556 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 13:41:04.0818 3556 BrSerWdm - ok 13:41:04.0831 3556 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 13:41:04.0846 3556 BrUsbMdm - ok 13:41:04.0859 3556 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 13:41:04.0872 3556 BrUsbSer - ok 13:41:04.0887 3556 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 13:41:04.0903 3556 BTHMODEM - ok 13:41:04.0914 3556 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 13:41:04.0946 3556 bthserv - ok 13:41:04.0960 3556 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 13:41:04.0991 3556 cdfs - ok 13:41:05.0006 3556 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 13:41:05.0020 3556 cdrom - ok 13:41:05.0033 3556 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 13:41:05.0063 3556 CertPropSvc - ok 13:41:05.0077 3556 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 13:41:05.0092 3556 circlass - ok 13:41:05.0106 3556 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 13:41:05.0122 3556 CLFS - ok 13:41:05.0129 3556 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:41:05.0139 3556 clr_optimization_v2.0.50727_32 - ok 13:41:05.0147 3556 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:41:05.0157 3556 clr_optimization_v2.0.50727_64 - ok 13:41:05.0171 3556 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 13:41:05.0184 3556 CmBatt - ok 13:41:05.0208 3556 cmdAgent (cee48ccc4d561ddb19c72f9fb55d28d5) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 13:41:05.0254 3556 cmdAgent - ok 13:41:05.0273 3556 cmdGuard (0599d5a458d4e0e37ab84e9d1c5c73e5) C:\Windows\system32\DRIVERS\cmdguard.sys 13:41:05.0290 3556 cmdGuard - ok 13:41:05.0304 3556 cmdHlp (2d3e08c7106f748f9eff3dec14142d3e) C:\Windows\system32\DRIVERS\cmdhlp.sys 13:41:05.0313 3556 cmdHlp - ok 13:41:05.0327 3556 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 13:41:05.0338 3556 cmdide - ok 13:41:05.0354 3556 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 13:41:05.0377 3556 CNG - ok 13:41:05.0391 3556 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 13:41:05.0402 3556 Compbatt - ok 13:41:05.0416 3556 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 13:41:05.0431 3556 CompositeBus - ok 13:41:05.0441 3556 COMSysApp - ok 13:41:05.0451 3556 cpuz134 - ok 13:41:05.0464 3556 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 13:41:05.0475 3556 crcdisk - ok 13:41:05.0488 3556 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 13:41:05.0519 3556 CryptSvc - ok 13:41:05.0536 3556 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 13:41:05.0555 3556 CSC - ok 13:41:05.0570 3556 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 13:41:05.0590 3556 CscService - ok 13:41:05.0605 3556 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 13:41:05.0640 3556 DcomLaunch - ok 13:41:05.0654 3556 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 13:41:05.0688 3556 defragsvc - ok 13:41:05.0705 3556 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 13:41:05.0736 3556 DfsC - ok 13:41:05.0749 3556 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 13:41:05.0782 3556 Dhcp - ok 13:41:05.0797 3556 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 13:41:05.0828 3556 discache - ok 13:41:05.0842 3556 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 13:41:05.0854 3556 Disk - ok 13:41:05.0866 3556 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 13:41:05.0881 3556 Dnscache - ok 13:41:05.0895 3556 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 13:41:05.0927 3556 dot3svc - ok 13:41:05.0939 3556 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 13:41:05.0970 3556 DPS - ok 13:41:05.0984 3556 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 13:41:05.0998 3556 drmkaud - ok 13:41:06.0019 3556 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 13:41:06.0043 3556 DXGKrnl - ok 13:41:06.0055 3556 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 13:41:06.0087 3556 EapHost - ok 13:41:06.0127 3556 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 13:41:06.0175 3556 ebdrv - ok 13:41:06.0187 3556 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 13:41:06.0201 3556 EFS - ok 13:41:06.0211 3556 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 13:41:06.0234 3556 ehRecvr - ok 13:41:06.0240 3556 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 13:41:06.0255 3556 ehSched - ok 13:41:06.0273 3556 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 13:41:06.0291 3556 elxstor - ok 13:41:06.0305 3556 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 13:41:06.0318 3556 ErrDev - ok 13:41:06.0333 3556 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 13:41:06.0368 3556 EventSystem - ok 13:41:06.0383 3556 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 13:41:06.0415 3556 exfat - ok 13:41:06.0430 3556 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 13:41:06.0463 3556 fastfat - ok 13:41:06.0480 3556 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 13:41:06.0500 3556 Fax - ok 13:41:06.0514 3556 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 13:41:06.0527 3556 fdc - ok 13:41:06.0538 3556 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 13:41:06.0569 3556 fdPHost - ok 13:41:06.0580 3556 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 13:41:06.0611 3556 FDResPub - ok 13:41:06.0625 3556 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 13:41:06.0637 3556 FileInfo - ok 13:41:06.0650 3556 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 13:41:06.0681 3556 Filetrace - ok 13:41:06.0690 3556 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 13:41:06.0732 3556 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 13:41:06.0732 3556 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 13:41:06.0746 3556 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 13:41:06.0759 3556 flpydisk - ok 13:41:06.0775 3556 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 13:41:06.0790 3556 FltMgr - ok 13:41:06.0809 3556 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll 13:41:06.0851 3556 FontCache - ok 13:41:06.0857 3556 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:41:06.0867 3556 FontCache3.0.0.0 - ok 13:41:06.0881 3556 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 13:41:06.0892 3556 FsDepends - ok 13:41:06.0906 3556 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 13:41:06.0917 3556 Fs_Rec - ok 13:41:06.0932 3556 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 13:41:06.0948 3556 fvevol - ok 13:41:06.0962 3556 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 13:41:06.0974 3556 gagp30kx - ok 13:41:06.0991 3556 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 13:41:07.0028 3556 gpsvc - ok 13:41:07.0043 3556 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 13:41:07.0057 3556 hcw85cir - ok 13:41:07.0074 3556 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 13:41:07.0093 3556 HdAudAddService - ok 13:41:07.0108 3556 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 13:41:07.0123 3556 HDAudBus - ok 13:41:07.0137 3556 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 13:41:07.0150 3556 HidBatt - ok 13:41:07.0164 3556 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 13:41:07.0180 3556 HidBth - ok 13:41:07.0194 3556 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 13:41:07.0210 3556 HidIr - ok 13:41:07.0220 3556 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 13:41:07.0251 3556 hidserv - ok 13:41:07.0266 3556 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 13:41:07.0279 3556 HidUsb - ok 13:41:07.0290 3556 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 13:41:07.0320 3556 hkmsvc - ok 13:41:07.0333 3556 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 13:41:07.0349 3556 HomeGroupListener - ok 13:41:07.0361 3556 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 13:41:07.0376 3556 HomeGroupProvider - ok 13:41:07.0391 3556 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 13:41:07.0402 3556 HpSAMD - ok 13:41:07.0419 3556 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 13:41:07.0457 3556 HTTP - ok 13:41:07.0471 3556 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 13:41:07.0481 3556 hwpolicy - ok 13:41:07.0496 3556 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 13:41:07.0510 3556 i8042prt - ok 13:41:07.0527 3556 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys 13:41:07.0543 3556 iaStorV - ok 13:41:07.0555 3556 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:41:07.0576 3556 idsvc - ok 13:41:07.0591 3556 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 13:41:07.0602 3556 iirsp - ok 13:41:07.0619 3556 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 13:41:07.0658 3556 IKEEXT - ok 13:41:07.0673 3556 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys 13:41:07.0684 3556 inspect - ok 13:41:07.0717 3556 IntcAzAudAddService (f5872a11eb4f6db170d636cd4e53ca9f) C:\Windows\system32\drivers\RTKVHD64.sys 13:41:07.0772 3556 IntcAzAudAddService - ok 13:41:07.0786 3556 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 13:41:07.0796 3556 intelide - ok 13:41:07.0810 3556 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:41:07.0824 3556 intelppm - ok 13:41:07.0836 3556 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 13:41:07.0867 3556 IPBusEnum - ok 13:41:07.0881 3556 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:41:07.0912 3556 IpFilterDriver - ok 13:41:07.0927 3556 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 13:41:07.0962 3556 iphlpsvc - ok 13:41:07.0976 3556 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 13:41:07.0990 3556 IPMIDRV - ok 13:41:08.0004 3556 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 13:41:08.0036 3556 IPNAT - ok 13:41:08.0050 3556 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:41:08.0072 3556 IRENUM - ok 13:41:08.0085 3556 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 13:41:08.0096 3556 isapnp - ok 13:41:08.0111 3556 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 13:41:08.0125 3556 iScsiPrt - ok 13:41:08.0140 3556 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 13:41:08.0151 3556 kbdclass - ok 13:41:08.0165 3556 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 13:41:08.0178 3556 kbdhid - ok 13:41:08.0189 3556 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:41:08.0201 3556 KeyIso - ok 13:41:08.0215 3556 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 13:41:08.0227 3556 KSecDD - ok 13:41:08.0242 3556 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 13:41:08.0254 3556 KSecPkg - ok 13:41:08.0268 3556 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:41:08.0299 3556 ksthunk - ok 13:41:08.0312 3556 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 13:41:08.0348 3556 KtmRm - ok 13:41:08.0361 3556 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 13:41:08.0393 3556 LanmanServer - ok 13:41:08.0405 3556 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 13:41:08.0436 3556 LanmanWorkstation - ok 13:41:08.0451 3556 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 13:41:08.0483 3556 lltdio - ok 13:41:08.0496 3556 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 13:41:08.0531 3556 lltdsvc - ok 13:41:08.0543 3556 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 13:41:08.0573 3556 lmhosts - ok 13:41:08.0588 3556 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 13:41:08.0600 3556 LSI_FC - ok 13:41:08.0614 3556 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 13:41:08.0626 3556 LSI_SAS - ok 13:41:08.0641 3556 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:41:08.0652 3556 LSI_SAS2 - ok 13:41:08.0667 3556 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:41:08.0679 3556 LSI_SCSI - ok 13:41:08.0694 3556 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:41:08.0726 3556 luafv - ok 13:41:08.0738 3556 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 13:41:08.0752 3556 Mcx2Svc - ok 13:41:08.0766 3556 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 13:41:08.0777 3556 megasas - ok 13:41:08.0792 3556 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 13:41:08.0807 3556 MegaSR - ok 13:41:08.0814 3556 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 13:41:08.0825 3556 Microsoft Office Groove Audit Service - ok 13:41:08.0836 3556 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 13:41:08.0867 3556 MMCSS - ok 13:41:08.0881 3556 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:41:08.0912 3556 Modem - ok 13:41:08.0926 3556 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:41:08.0940 3556 monitor - ok 13:41:08.0954 3556 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 13:41:08.0966 3556 mouclass - ok 13:41:08.0980 3556 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:41:08.0993 3556 mouhid - ok 13:41:09.0007 3556 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 13:41:09.0020 3556 mountmgr - ok 13:41:09.0033 3556 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 13:41:09.0046 3556 mpio - ok 13:41:09.0060 3556 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:41:09.0091 3556 mpsdrv - ok 13:41:09.0109 3556 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 13:41:09.0147 3556 MpsSvc - ok 13:41:09.0162 3556 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 13:41:09.0180 3556 MRxDAV - ok 13:41:09.0195 3556 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:41:09.0210 3556 mrxsmb - ok 13:41:09.0226 3556 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:41:09.0242 3556 mrxsmb10 - ok 13:41:09.0308 3556 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:41:09.0328 3556 mrxsmb20 - ok 13:41:09.0341 3556 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 13:41:09.0352 3556 msahci - ok 13:41:09.0367 3556 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 13:41:09.0379 3556 msdsm - ok 13:41:09.0391 3556 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 13:41:09.0406 3556 MSDTC - ok 13:41:09.0420 3556 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:41:09.0451 3556 Msfs - ok 13:41:09.0464 3556 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:41:09.0495 3556 mshidkmdf - ok 13:41:09.0508 3556 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 13:41:09.0519 3556 msisadrv - ok 13:41:09.0531 3556 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 13:41:09.0564 3556 MSiSCSI - ok 13:41:09.0574 3556 msiserver - ok 13:41:09.0588 3556 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:41:09.0619 3556 MSKSSRV - ok 13:41:09.0632 3556 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:41:09.0663 3556 MSPCLOCK - ok 13:41:09.0676 3556 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:41:09.0707 3556 MSPQM - ok 13:41:09.0724 3556 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 13:41:09.0740 3556 MsRPC - ok 13:41:09.0754 3556 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 13:41:09.0764 3556 mssmbios - ok 13:41:09.0778 3556 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:41:09.0809 3556 MSTEE - ok 13:41:09.0822 3556 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 13:41:09.0835 3556 MTConfig - ok 13:41:09.0849 3556 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 13:41:09.0860 3556 Mup - ok 13:41:09.0875 3556 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 13:41:09.0910 3556 napagent - ok 13:41:09.0927 3556 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:41:09.0946 3556 NativeWifiP - ok 13:41:09.0968 3556 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 13:41:09.0991 3556 NDIS - ok 13:41:10.0005 3556 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:41:10.0037 3556 NdisCap - ok 13:41:10.0051 3556 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:41:10.0081 3556 NdisTapi - ok 13:41:10.0095 3556 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 13:41:10.0125 3556 Ndisuio - ok 13:41:10.0140 3556 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 13:41:10.0171 3556 NdisWan - ok 13:41:10.0185 3556 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 13:41:10.0215 3556 NDProxy - ok 13:41:10.0229 3556 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:41:10.0260 3556 NetBIOS - ok 13:41:10.0275 3556 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 13:41:10.0307 3556 NetBT - ok 13:41:10.0318 3556 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:41:10.0331 3556 Netlogon - ok 13:41:10.0345 3556 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 13:41:10.0379 3556 Netman - ok 13:41:10.0395 3556 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 13:41:10.0430 3556 netprofm - ok 13:41:10.0437 3556 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:41:10.0463 3556 NetTcpPortSharing - ok 13:41:10.0477 3556 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 13:41:10.0488 3556 nfrd960 - ok 13:41:10.0502 3556 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 13:41:10.0534 3556 NlaSvc - ok 13:41:10.0549 3556 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys 13:41:10.0574 3556 nmwcd - ok 13:41:10.0588 3556 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys 13:41:10.0610 3556 nmwcdc - ok 13:41:10.0624 3556 nmwcdnsucx64 (a962be6433ef016e0dfb52eca15a5378) C:\Windows\system32\drivers\nmwcdnsucx64.sys 13:41:10.0646 3556 nmwcdnsucx64 - ok 13:41:10.0662 3556 nmwcdnsux64 (9573223e205907247ae6d948e3453770) C:\Windows\system32\drivers\nmwcdnsux64.sys 13:41:10.0686 3556 nmwcdnsux64 - ok 13:41:10.0700 3556 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:41:10.0730 3556 Npfs - ok 13:41:10.0742 3556 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 13:41:10.0772 3556 nsi - ok 13:41:10.0786 3556 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 13:41:10.0817 3556 nsiproxy - ok 13:41:10.0848 3556 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys 13:41:10.0882 3556 Ntfs - ok 13:41:10.0898 3556 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:41:10.0928 3556 Null - ok 13:41:10.0943 3556 nusb3hub (088cd71003f21f96f01c63955150a1fb) C:\Windows\system32\DRIVERS\nusb3hub.sys 13:41:10.0955 3556 nusb3hub - ok 13:41:10.0970 3556 nusb3xhc (d90a2d44e93daea47aea946d9e87000f) C:\Windows\system32\DRIVERS\nusb3xhc.sys 13:41:10.0983 3556 nusb3xhc - ok 13:41:10.0999 3556 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys 13:41:11.0011 3556 nvraid - ok 13:41:11.0026 3556 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys 13:41:11.0039 3556 nvstor - ok 13:41:11.0054 3556 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 13:41:11.0066 3556 nv_agp - ok 13:41:11.0074 3556 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:41:11.0090 3556 odserv - ok 13:41:11.0105 3556 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 13:41:11.0118 3556 ohci1394 - ok 13:41:11.0125 3556 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:41:11.0136 3556 ose - ok 13:41:11.0151 3556 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:41:11.0169 3556 p2pimsvc - ok 13:41:11.0184 3556 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 13:41:11.0201 3556 p2psvc - ok 13:41:11.0216 3556 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 13:41:11.0229 3556 Parport - ok 13:41:11.0244 3556 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 13:41:11.0255 3556 partmgr - ok 13:41:11.0268 3556 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 13:41:11.0286 3556 PcaSvc - ok 13:41:11.0299 3556 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 13:41:11.0320 3556 pccsmcfd - ok 13:41:11.0335 3556 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 13:41:11.0348 3556 pci - ok 13:41:11.0362 3556 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 13:41:11.0372 3556 pciide - ok 13:41:11.0387 3556 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 13:41:11.0401 3556 pcmcia - ok 13:41:11.0415 3556 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 13:41:11.0426 3556 pcw - ok 13:41:11.0444 3556 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 13:41:11.0482 3556 PEAUTH - ok 13:41:11.0506 3556 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 13:41:11.0534 3556 PeerDistSvc - ok 13:41:11.0546 3556 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 13:41:11.0560 3556 PerfHost - ok 13:41:11.0584 3556 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 13:41:11.0629 3556 pla - ok 13:41:11.0644 3556 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 13:41:11.0662 3556 PlugPlay - ok 13:41:11.0673 3556 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 13:41:11.0687 3556 PNRPAutoReg - ok 13:41:11.0700 3556 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:41:11.0715 3556 PNRPsvc - ok 13:41:11.0730 3556 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 13:41:11.0764 3556 PolicyAgent - ok 13:41:11.0777 3556 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 13:41:11.0810 3556 Power - ok 13:41:11.0825 3556 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 13:41:11.0855 3556 PptpMiniport - ok 13:41:11.0869 3556 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 13:41:11.0883 3556 Processor - ok 13:41:11.0896 3556 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 13:41:11.0928 3556 ProfSvc - ok 13:41:11.0940 3556 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:41:11.0952 3556 ProtectedStorage - ok 13:41:11.0967 3556 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 13:41:11.0998 3556 Psched - ok 13:41:12.0012 3556 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys 13:41:12.0022 3556 PxHlpa64 - ok 13:41:12.0047 3556 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 13:41:12.0079 3556 ql2300 - ok 13:41:12.0094 3556 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 13:41:12.0106 3556 ql40xx - ok 13:41:12.0119 3556 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 13:41:12.0138 3556 QWAVE - ok 13:41:12.0152 3556 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 13:41:12.0168 3556 QWAVEdrv - ok 13:41:12.0182 3556 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 13:41:12.0213 3556 RasAcd - ok 13:41:12.0227 3556 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 13:41:12.0258 3556 RasAgileVpn - ok 13:41:12.0272 3556 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 13:41:12.0304 3556 RasAuto - ok 13:41:12.0319 3556 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 13:41:12.0349 3556 Rasl2tp - ok 13:41:12.0363 3556 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 13:41:12.0396 3556 RasMan - ok 13:41:12.0411 3556 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 13:41:12.0444 3556 RasPppoe - ok 13:41:12.0458 3556 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 13:41:12.0490 3556 RasSstp - ok 13:41:12.0506 3556 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 13:41:12.0538 3556 rdbss - ok 13:41:12.0553 3556 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 13:41:12.0568 3556 rdpbus - ok 13:41:12.0581 3556 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 13:41:12.0612 3556 RDPCDD - ok 13:41:12.0628 3556 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 13:41:12.0642 3556 RDPDR - ok 13:41:12.0657 3556 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 13:41:12.0687 3556 RDPENCDD - ok 13:41:12.0703 3556 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 13:41:12.0733 3556 RDPREFMP - ok 13:41:12.0750 3556 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 13:41:12.0763 3556 RdpVideoMiniport - ok 13:41:12.0779 3556 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 13:41:12.0806 3556 RDPWD - ok 13:41:12.0822 3556 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 13:41:12.0835 3556 rdyboost - ok 13:41:12.0843 3556 ReflectService.exe (943ade1dd6789432419a87bb85884322) C:\Program Files\Macrium\Reflect\ReflectService.exe 13:41:12.0857 3556 ReflectService.exe - ok 13:41:12.0869 3556 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 13:41:12.0901 3556 RemoteAccess - ok 13:41:12.0914 3556 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 13:41:12.0947 3556 RemoteRegistry - ok 13:41:12.0956 3556 RichVideo64 (0b169fe016039571ecc6db70073f8979) C:\Program Files\CyberLink\Shared files\RichVideo64.exe 13:41:12.0970 3556 RichVideo64 - ok 13:41:12.0982 3556 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 13:41:13.0013 3556 RpcEptMapper - ok 13:41:13.0025 3556 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 13:41:13.0038 3556 RpcLocator - ok 13:41:13.0053 3556 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 13:41:13.0087 3556 RpcSs - ok 13:41:13.0101 3556 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 13:41:13.0133 3556 rspndr - ok 13:41:13.0150 3556 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys 13:41:13.0175 3556 RTL8167 - ok 13:41:13.0189 3556 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 13:41:13.0202 3556 s3cap - ok 13:41:13.0214 3556 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:41:13.0226 3556 SamSs - ok 13:41:13.0232 3556 SbieDrv (742112ce7abb11dc17a561b4291be9c6) C:\Program Files\Sandboxie\SbieDrv.sys 13:41:13.0256 3556 SbieDrv - ok 13:41:13.0261 3556 SbieSvc (2419ed7e333b2bc2f81e50a6f5923fc6) C:\Program Files\Sandboxie\SbieSvc.exe 13:41:13.0271 3556 SbieSvc - ok 13:41:13.0286 3556 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 13:41:13.0298 3556 sbp2port - ok 13:41:13.0311 3556 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 13:41:13.0347 3556 SCardSvr - ok 13:41:13.0361 3556 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 13:41:13.0391 3556 scfilter - ok 13:41:13.0410 3556 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 13:41:13.0452 3556 Schedule - ok 13:41:13.0464 3556 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 13:41:13.0493 3556 SCPolicySvc - ok 13:41:13.0506 3556 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 13:41:13.0522 3556 SDRSVC - ok 13:41:13.0536 3556 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 13:41:13.0566 3556 secdrv - ok 13:41:13.0578 3556 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 13:41:13.0608 3556 seclogon - ok 13:41:13.0620 3556 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 13:41:13.0652 3556 SENS - ok 13:41:13.0664 3556 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 13:41:13.0678 3556 SensrSvc - ok 13:41:13.0693 3556 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 13:41:13.0706 3556 Serenum - ok 13:41:13.0721 3556 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 13:41:13.0735 3556 Serial - ok 13:41:13.0750 3556 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 13:41:13.0763 3556 sermouse - ok 13:41:13.0773 3556 ServiceLayer (668043f192ab9659761a349a4703600d) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 13:41:13.0792 3556 ServiceLayer - ok 13:41:13.0807 3556 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 13:41:13.0839 3556 SessionEnv - ok 13:41:13.0853 3556 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 13:41:13.0869 3556 sffdisk - ok 13:41:13.0883 3556 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 13:41:13.0898 3556 sffp_mmc - ok 13:41:13.0912 3556 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 13:41:13.0928 3556 sffp_sd - ok 13:41:13.0942 3556 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 13:41:13.0956 3556 sfloppy - ok 13:41:13.0970 3556 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 13:41:14.0005 3556 SharedAccess - ok 13:41:14.0020 3556 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 13:41:14.0054 3556 ShellHWDetection - ok 13:41:14.0068 3556 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:41:14.0079 3556 SiSRaid2 - ok 13:41:14.0093 3556 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 13:41:14.0105 3556 SiSRaid4 - ok 13:41:14.0119 3556 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 13:41:14.0151 3556 Smb - ok 13:41:14.0164 3556 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 13:41:14.0178 3556 SNMPTRAP - ok 13:41:14.0192 3556 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 13:41:14.0203 3556 spldr - ok 13:41:14.0218 3556 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 13:41:14.0254 3556 Spooler - ok 13:41:14.0293 3556 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 13:41:14.0361 3556 sppsvc - ok 13:41:14.0377 3556 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 13:41:14.0409 3556 sppuinotify - ok 13:41:14.0428 3556 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 13:41:14.0446 3556 srv - ok 13:41:14.0464 3556 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 13:41:14.0481 3556 srv2 - ok 13:41:14.0496 3556 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 13:41:14.0510 3556 srvnet - ok 13:41:14.0523 3556 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 13:41:14.0556 3556 SSDPSRV - ok 13:41:14.0572 3556 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys 13:41:14.0581 3556 SSPORT - ok 13:41:14.0593 3556 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 13:41:14.0625 3556 SstpSvc - ok 13:41:14.0639 3556 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 13:41:14.0649 3556 stexstor - ok 13:41:14.0665 3556 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 13:41:14.0689 3556 stisvc - ok 13:41:14.0703 3556 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 13:41:14.0714 3556 storflt - ok 13:41:14.0728 3556 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 13:41:14.0739 3556 storvsc - ok 13:41:14.0753 3556 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 13:41:14.0764 3556 swenum - ok 13:41:14.0779 3556 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 13:41:14.0815 3556 swprv - ok 13:41:14.0829 3556 Synth3dVsc - ok 13:41:14.0854 3556 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 13:41:14.0890 3556 SysMain - ok 13:41:14.0902 3556 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 13:41:14.0920 3556 TabletInputService - ok 13:41:14.0934 3556 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 13:41:14.0968 3556 TapiSrv - ok 13:41:14.0978 3556 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 13:41:15.0010 3556 TBS - ok 13:41:15.0038 3556 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 13:41:15.0076 3556 Tcpip - ok 13:41:15.0105 3556 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 13:41:15.0137 3556 TCPIP6 - ok 13:41:15.0153 3556 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 13:41:15.0183 3556 tcpipreg - ok 13:41:15.0198 3556 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 13:41:15.0211 3556 TDPIPE - ok 13:41:15.0225 3556 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 13:41:15.0246 3556 TDTCP - ok 13:41:15.0261 3556 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 13:41:15.0292 3556 tdx - ok 13:41:15.0306 3556 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 13:41:15.0318 3556 TermDD - ok 13:41:15.0334 3556 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 13:41:15.0371 3556 TermService - ok 13:41:15.0383 3556 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 13:41:15.0400 3556 Themes - ok 13:41:15.0413 3556 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 13:41:15.0443 3556 THREADORDER - ok 13:41:15.0456 3556 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 13:41:15.0488 3556 TrkWks - ok 13:41:15.0494 3556 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 13:41:15.0526 3556 TrustedInstaller - ok 13:41:15.0550 3556 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 13:41:15.0579 3556 tssecsrv - ok 13:41:15.0594 3556 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 13:41:15.0650 3556 TsUsbFlt - ok 13:41:15.0664 3556 tsusbhub - ok 13:41:15.0680 3556 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 13:41:15.0711 3556 tunnel - ok 13:41:15.0725 3556 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 13:41:15.0737 3556 uagp35 - ok 13:41:15.0754 3556 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 13:41:15.0786 3556 udfs - ok 13:41:15.0800 3556 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 13:41:15.0816 3556 UI0Detect - ok 13:41:15.0830 3556 UimBus (34859d3801f4bd3dacfa131dd928455a) C:\Windows\system32\DRIVERS\uimx64.sys 13:41:15.0841 3556 UimBus - ok 13:41:15.0860 3556 Uim_IM (d3ce4776e7ffb25e6935b1c797f4650c) C:\Windows\system32\Drivers\Uim_IMx64.sys 13:41:15.0877 3556 Uim_IM - ok 13:41:15.0895 3556 Uim_VIM (532e4bed5c7803b2ee5681818b2528b7) C:\Windows\system32\Drivers\uim_vimx64.sys 13:41:15.0909 3556 Uim_VIM - ok 13:41:15.0924 3556 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 13:41:15.0936 3556 uliagpkx - ok 13:41:15.0951 3556 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 13:41:15.0965 3556 umbus - ok 13:41:15.0979 3556 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 13:41:15.0992 3556 UmPass - ok 13:41:16.0006 3556 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 13:41:16.0022 3556 UmRdpService - ok 13:41:16.0037 3556 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 13:41:16.0072 3556 upnphost - ok 13:41:16.0086 3556 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 13:41:16.0110 3556 upperdev - ok 13:41:16.0124 3556 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys 13:41:16.0139 3556 usbccgp - ok 13:41:16.0154 3556 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 13:41:16.0169 3556 usbcir - ok 13:41:16.0184 3556 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys 13:41:16.0198 3556 usbehci - ok 13:41:16.0215 3556 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys 13:41:16.0232 3556 usbhub - ok 13:41:16.0247 3556 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 13:41:16.0260 3556 usbohci - ok 13:41:16.0275 3556 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 13:41:16.0289 3556 usbprint - ok 13:41:16.0303 3556 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys 13:41:16.0318 3556 usbser - ok 13:41:16.0333 3556 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 13:41:16.0356 3556 UsbserFilt - ok 13:41:16.0371 3556 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:41:16.0385 3556 USBSTOR - ok 13:41:16.0400 3556 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 13:41:16.0413 3556 usbuhci - ok 13:41:16.0425 3556 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 13:41:16.0459 3556 UxSms - ok 13:41:16.0470 3556 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:41:16.0483 3556 VaultSvc - ok 13:41:16.0497 3556 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 13:41:16.0508 3556 vdrvroot - ok 13:41:16.0524 3556 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 13:41:16.0559 3556 vds - ok 13:41:16.0574 3556 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 13:41:16.0589 3556 vga - ok 13:41:16.0603 3556 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 13:41:16.0634 3556 VgaSave - ok 13:41:16.0648 3556 VGPU - ok 13:41:16.0665 3556 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 13:41:16.0679 3556 vhdmp - ok 13:41:16.0693 3556 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 13:41:16.0704 3556 viaide - ok 13:41:16.0720 3556 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 13:41:16.0733 3556 vmbus - ok 13:41:16.0748 3556 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 13:41:16.0760 3556 VMBusHID - ok 13:41:16.0776 3556 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 13:41:16.0787 3556 volmgr - ok 13:41:16.0804 3556 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 13:41:16.0820 3556 volmgrx - ok 13:41:16.0837 3556 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 13:41:16.0853 3556 volsnap - ok 13:41:16.0869 3556 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 13:41:16.0882 3556 vsmraid - ok 13:41:16.0906 3556 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 13:41:16.0950 3556 VSS - ok 13:41:16.0966 3556 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 13:41:16.0981 3556 vwifibus - ok 13:41:16.0995 3556 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 13:41:17.0031 3556 W32Time - ok 13:41:17.0047 3556 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 13:41:17.0060 3556 WacomPen - ok 13:41:17.0076 3556 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:41:17.0106 3556 WANARP - ok 13:41:17.0109 3556 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:41:17.0138 3556 Wanarpv6 - ok 13:41:17.0162 3556 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 13:41:17.0192 3556 wbengine - ok 13:41:17.0206 3556 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 13:41:17.0225 3556 WbioSrvc - ok 13:41:17.0239 3556 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 13:41:17.0260 3556 wcncsvc - ok 13:41:17.0272 3556 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 13:41:17.0287 3556 WcsPlugInService - ok 13:41:17.0302 3556 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 13:41:17.0312 3556 Wd - ok 13:41:17.0332 3556 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 13:41:17.0351 3556 Wdf01000 - ok 13:41:17.0364 3556 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 13:41:17.0391 3556 WdiServiceHost - ok 13:41:17.0394 3556 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 13:41:17.0411 3556 WdiSystemHost - ok 13:41:17.0425 3556 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 13:41:17.0446 3556 WebClient - ok 13:41:17.0460 3556 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 13:41:17.0494 3556 Wecsvc - ok 13:41:17.0506 3556 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 13:41:17.0538 3556 wercplsupport - ok 13:41:17.0551 3556 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 13:41:17.0583 3556 WerSvc - ok 13:41:17.0598 3556 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 13:41:17.0629 3556 WfpLwf - ok 13:41:17.0644 3556 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 13:41:17.0654 3556 WIMMount - ok 13:41:17.0658 3556 WinDefend - ok 13:41:17.0660 3556 WinHttpAutoProxySvc - ok 13:41:17.0676 3556 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 13:41:17.0709 3556 Winmgmt - ok 13:41:17.0736 3556 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 13:41:17.0788 3556 WinRM - ok 13:41:17.0806 3556 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 13:41:17.0822 3556 WinUsb - ok 13:41:17.0841 3556 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 13:41:17.0867 3556 Wlansvc - ok 13:41:17.0882 3556 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 13:41:17.0895 3556 WmiAcpi - ok 13:41:17.0912 3556 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 13:41:17.0928 3556 wmiApSrv - ok 13:41:17.0931 3556 WMPNetworkSvc - ok 13:41:17.0943 3556 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 13:41:17.0957 3556 WPCSvc - ok 13:41:17.0970 3556 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 13:41:17.0987 3556 WPDBusEnum - ok 13:41:18.0001 3556 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 13:41:18.0032 3556 ws2ifsl - ok 13:41:18.0044 3556 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 13:41:18.0062 3556 wscsvc - ok 13:41:18.0073 3556 WSearch - ok 13:41:18.0101 3556 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 13:41:18.0157 3556 wuauserv - ok 13:41:18.0172 3556 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 13:41:18.0203 3556 WudfPf - ok 13:41:18.0218 3556 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 13:41:18.0250 3556 WUDFRd - ok 13:41:18.0262 3556 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 13:41:18.0292 3556 wudfsvc - ok 13:41:18.0306 3556 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 13:41:18.0325 3556 WwanSvc - ok 13:41:18.0330 3556 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 13:41:18.0359 3556 \Device\Harddisk0\DR0 - ok 13:41:18.0360 3556 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 13:41:18.0427 3556 \Device\Harddisk1\DR1 - ok 13:41:18.0434 3556 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2 13:41:18.0566 3556 \Device\Harddisk2\DR2 - ok 13:41:18.0567 3556 Boot (0x1200) (c1e7289526f1488585aa93657b17f3e8) \Device\Harddisk0\DR0\Partition0 13:41:18.0568 3556 \Device\Harddisk0\DR0\Partition0 - ok 13:41:18.0568 3556 Boot (0x1200) (bbf02225c6b79d0df5becfba49094375) \Device\Harddisk0\DR0\Partition1 13:41:18.0569 3556 \Device\Harddisk0\DR0\Partition1 - ok 13:41:18.0570 3556 Boot (0x1200) (02bde9c5a37c692cca6aef4a80575d73) \Device\Harddisk1\DR1\Partition0 13:41:18.0571 3556 \Device\Harddisk1\DR1\Partition0 - ok 13:41:18.0571 3556 Boot (0x1200) (926888faff2e88ef8e1c0e3888528d9d) \Device\Harddisk1\DR1\Partition1 13:41:18.0572 3556 \Device\Harddisk1\DR1\Partition1 - ok 13:41:18.0573 3556 Boot (0x1200) (bffac1465be97d9e04c18b9ab8b04a4f) \Device\Harddisk1\DR1\Partition2 13:41:18.0574 3556 \Device\Harddisk1\DR1\Partition2 - ok 13:41:18.0576 3556 Boot (0x1200) (3a0384995f02ae85daf1e85c96e259f5) \Device\Harddisk2\DR2\Partition0 13:41:18.0578 3556 \Device\Harddisk2\DR2\Partition0 - ok 13:41:18.0578 3556 ============================================================ 13:41:18.0578 3556 Scan finished 13:41:18.0578 3556 ============================================================ 13:41:19.0120 4804 Deinitialize success ============================================== System Restore Point Check: TDSSKiller Starter Restore Point Created Succesfully ============================================== EOF .................................................. ComboFix 12-04-04.02 - Desktop1 06-04-2012 13:49:28.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.12031.10858 [GMT 2:00] Gestart vanuit: c:\users\Desktop1\Desktop\ComboFix.exe AV
  • ComboFix 12-04-04.02 - Desktop1 06-04-2012 13:49:28.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.12031.10858 [GMT 2:00] Gestart vanuit: c:\users\Desktop1\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . F:\install.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-03-06 to 2012-04-06 )))))))))))))))))))))))))))))) . . 2012-04-06 11:40 . 2012-04-06 11:41 -------- d-----w- C:\TDSSStarter 2012-04-06 11:02 . 2012-04-06 11:02 -------- d-----w- C:\archive_db 2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\backup 2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\explauncher 2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\launcher 2012-04-06 10:57 . 2012-04-06 10:57 -------- d-----w- c:\program files (x86)\Paragon Software 2012-04-06 09:27 . 2012-04-06 09:28 -------- d-----w- c:\program files (x86)\Scan Assistant 2012-04-06 09:27 . 2012-04-06 09:27 -------- d-----w- c:\program files\Common Files\Common Desktop Agent 2012-04-06 09:27 . 2012-04-06 09:27 -------- d-----w- c:\program files (x86)\Common Files\Common Desktop Agent 2012-04-06 09:26 . 2012-04-06 09:27 -------- d-----w- c:\program files (x86)\Samsung 2012-04-05 19:30 . 2012-04-06 09:27 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Samsung 2012-04-05 19:29 . 2011-12-20 10:53 149880 ----a-w- c:\windows\Wiainst64.exe 2012-04-05 19:29 . 2011-03-21 08:37 49152 ----a-r- c:\windows\SysWow64\Ssusbpn.dll 2012-04-05 19:29 . 2011-03-21 08:37 43520 ----a-r- c:\windows\system32\Ssusbp64.dll 2012-04-05 19:29 . 2011-03-18 05:49 323072 ----a-r- c:\windows\system32\SaMinDrv.dll 2012-04-05 19:29 . 2011-03-18 05:49 123904 ----a-r- c:\windows\system32\SaImgFlt.dll 2012-04-05 19:29 . 2011-03-18 05:49 55296 ----a-r- c:\windows\system32\SaErHdlr.dll 2012-04-05 19:29 . 2012-04-06 09:27 -------- d-----w- c:\programdata\Samsung 2012-04-05 19:29 . 2011-05-02 04:40 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\ssm1mpc.dll 2012-04-05 19:28 . 2011-05-02 04:40 34304 ----a-w- c:\windows\system32\ssm1mlm.dll 2012-04-05 19:28 . 2011-03-22 08:31 151552 ----a-w- c:\windows\system32\ssm1mci.exe 2012-04-05 19:28 . 2011-03-22 08:31 89600 ----a-w- c:\windows\system32\ssm1mci.dll 2012-04-05 06:15 . 2012-04-05 06:15 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Malwarebytes 2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\programdata\Malwarebytes 2012-03-31 15:58 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-31 13:28 . 2012-03-31 13:28 -------- d--h--w- c:\programdata\CanonIJEGV 2012-03-29 14:48 . 2012-03-29 14:29 13464 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys 2012-03-29 14:48 . 2012-03-29 14:29 43672 ----a-w- c:\windows\system32\drivers\psmounter.sys 2012-03-26 17:12 . 2012-04-05 06:34 -------- d-----w- c:\users\Desktop1\AppData\Roaming\QuickScan 2012-03-18 18:56 . 2012-03-18 18:56 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll 2012-03-18 18:56 . 2012-03-18 18:56 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll 2012-03-16 20:06 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-03-16 20:06 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-16 20:06 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-16 20:06 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-16 20:06 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll 2012-03-16 20:06 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-03-16 20:06 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll 2012-03-16 20:06 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-16 20:06 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-03-16 20:06 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-16 20:06 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-13 18:31 . 2012-03-13 19:50 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Belastingdienst 2012-03-12 18:40 . 2012-03-12 18:40 -------- d-----w- c:\users\Desktop1\AppData\Roaming\f-secure 2012-03-12 18:40 . 2012-03-12 18:40 -------- d-----w- c:\programdata\F-Secure . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-05 06:15 . 2011-09-21 14:20 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-11 21:13 . 2011-06-30 07:38 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2012-03-11 21:13 . 2011-06-30 07:38 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2012-03-11 21:13 . 2011-06-30 07:38 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys 2012-03-11 21:13 . 2011-10-21 11:23 41200 ----a-w- c:\windows\system32\cmdcsr.dll 2012-03-11 21:13 . 2011-06-30 07:37 301224 ----a-w- c:\windows\SysWow64\guard32.dll 2012-03-11 21:13 . 2011-06-30 07:37 389840 ----a-w- c:\windows\system32\guard64.dll 2012-03-02 08:38 . 2011-09-27 15:04 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-08-27 638736] "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608] "NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-03-30 113296] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk&inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ&prod=90&ver=2012.0.1809&mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586" [?] . c:\users\Desktop1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2011-11-10 2430464] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 253600] R3 cpuz134;cpuz134;c:\users\Desktop1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x] S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys [x] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2012-03-29 301720] S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 06:15] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-21 11057768] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096] "CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\guard64.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: samsungsetup.com\www TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\ . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*] "v5Licence0"="15-ZPW3-5BEC-7GJ2-91R9-ME4S-MP2VRN5" "Activated"="Y" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-04-06 13:57:50 - machine werd herstart ComboFix-quarantined-files.txt 2012-04-06 11:57 . Pre-Run: 58.772.000.768 bytes beschikbaar Post-Run: 58.489.098.240 bytes beschikbaar . - - End Of File - - 1F7B1C9D50606E665582D3C08C13A30E
  • Heb je F-Secure als demoversie uitgeprobeerd? Zorg ervoor dat alle openstaande webbrowservensters gesloten zijn. Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:e045e7bb47]Kladblok (of Notepad)[/b:e045e7bb47]". . Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster [b:e045e7bb47][color=#0000FF:e045e7bb47]ClearJavaCache:: Folder:: c:\programdata\F-Secure[/color:e045e7bb47][/b:e045e7bb47] Sla dit kladblokbestand op je bureaublad op als [b:e045e7bb47]CFScript.txt[/b:e045e7bb47]. [b:e045e7bb47][color=#FF0000:e045e7bb47]Nu eerst de antivirus deaktiveren![/color:e045e7bb47][/b:e045e7bb47] Sleep CFScript.txt in ComboFix.exe [img:e045e7bb47]http://crew.nucia.eu/smeenk/CFScript.gif[/img:e045e7bb47] Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt. Post het Combofix log dat na het opnieuw starten wordt getoond! Ingeval Combofix je computer opnieuw heeft opgestart (of jij dat hebt gedaan), vindt je het log ook in [b:e045e7bb47]C:\Combofix.txt[/b:e045e7bb47] [b:e045e7bb47]Belangrijke opmerking[/b:e045e7bb47]: [list:e045e7bb47][*:e045e7bb47][b:e045e7bb47][color=Red:e045e7bb47]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:e045e7bb47][/b:e045e7bb47] [*:e045e7bb47][b:e045e7bb47][color=blue:e045e7bb47]Illegal operation attempted on a registery key that has been marked for deletion.[/color:e045e7bb47][/b:e045e7bb47] [*:e045e7bb47][b:e045e7bb47][color=Red:e045e7bb47]Start dan de computer opnieuw op.[/color:e045e7bb47][/b:e045e7bb47][/list:u:e045e7bb47]
  • Heb je F-Secure als demoversie uitgeprobeerd? Ik gebruik naast avg f-secure regelmatig als online scanner. Moet ik desondanks jouw verdere instructies volgen met clearjavacache::? En heb je verder nog iets kunnen vinden in verband met lsass.exe? Bedankt,
  • Ik schoon mijn computer ook met CCleaner. Kun je dat ook zo instellen dat het de cache verwijdert? Er staat iets van cache bij geavanceerd: dns cache, systeemvakcache en lettertype cache. Of haal ik nu dingen door elkaar?
  • Laat het ComboFixscript maar achterwege inderdaad, indien het enkel de F-Secure onlinescanner betreft. Wat betreft die mappen: laat Windows die maar beheren. [b:56f7905949][url=http://www.eset.com/onlinescan/]Doe de ESET online scan (Klik).[/url][/b:56f7905949] [list:56f7905949] [*:56f7905949]Klik op de knop [b:56f7905949]ESET Online Scanner[/b:56f7905949] [*:56f7905949]Zet een vinkje bij [b:56f7905949]YES, I accept the Terms of Use[/b:56f7905949] [*:56f7905949]Klik op [b:56f7905949]Start[/b:56f7905949] [*:56f7905949]Sta het ActiveX control toe om te installeren. [*:56f7905949]Zet een vinkje bij de volgende opties: [list:56f7905949][*:56f7905949][b:56f7905949]Remove found threats[/b:56f7905949] [*:56f7905949][b:56f7905949]Scan archives[/b:56f7905949][/list:u:56f7905949] [*:56f7905949]Klik vervolgens op [b:56f7905949][color=#0000FF:56f7905949]"Advanced Settings"[/color:56f7905949][/b:56f7905949] [list:56f7905949][*:56f7905949][b:56f7905949]Scan for potentially unwanted applications[/b:56f7905949] [*:56f7905949][b:56f7905949]Scan for potentially unsafe applications[/b:56f7905949] [*:56f7905949][b:56f7905949]Enable Anti-Stealth technology [/b:56f7905949][/list:u:56f7905949] [*:56f7905949]Klik op [b:56f7905949]Start[/b:56f7905949] [*:56f7905949]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld. [*:56f7905949]is de scan klaar, daarna mag jij het venster sluiten omdat de scan klaar is. [*:56f7905949]Ga vervolgens naar C:\Program Files\ESET\ESET Online Scanner en klik daar op log.txt [*:56f7905949]Selekteer, kopieer en plak dan de inhoud van dit log in je volgende bericht.[/list:u:56f7905949] [color=#0000FF:56f7905949][b:56f7905949]N.B.: deaktiveer tijdelijk je eigen antivirus tijdens de scan, dan is de onlinescan sneller![/b:56f7905949][/color:56f7905949]
  • Hier de resultaten: ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=3604d7a1a4f26d40bd5b0c4643b9ff63 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-04-08 08:01:25 # local_time=2012-04-08 10:01:25 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1024 16777215 100 0 17297759 17297759 0 0 # compatibility_mode=3073 16777213 80 71 2330076 9593981 0 0 # compatibility_mode=5893 16776574 100 94 17283990 85541415 0 0 # compatibility_mode=8192 67108863 100 0 134 134 0 0 # scanned=175123 # found=8 # cleaned=8 # scan_time=3720 C:\Users\Desktop1\Downloads\cnet2_dvdflick_setup_1_3_0_7_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Desktop1\Downloads\cnet_SopCast_zip.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Desktop1\Downloads\CrystalDiskMark3_0_1b-en.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C C:\Users\Desktop1\Downloads\SoftonicDownloader_for_sopcast.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C H:\laptop schijf D juli 2008\verwisselbare schijf november 2006\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C H:\Nieuwe map\nieuw HDD\Install\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C H:\Nieuwe map\nieuw HDD\laptop schijf D juli 2008\verwisselbare schijf november 2006\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C H:\Nieuwe map\nieuw HDD\laptop schijf D juli 2008\verwisselbare schijf november 2006\WINRAR\WinRAR v3.60 corporate FINAL.rar probably a variant of Win32/Agent.FTMYHHE trojan (deleted - quarantined) 00000000000000000000000000000000 C
  • Hallo Jan, een kleine waarschuwing over het downloaden via CNET en SofTonic. De downloads van deze sites zitten in een wrapper. Die van CNET is wat dat betreft onschuldiger dan die van SofTonic, die in sommige gevallen zelfs de vieze Babylon Toolbar installeert, zonder dat je er weet van hebt! In ieder geval wordt ook spyware in je PC gezet om gebruiksgegevens door te zenden! En verwijder geheel die oude downloads uit 2006/2008. Die heb je echt niet meer nodig. Ondervindt je overigens nog hinder in jouw Windows?
  • [quote:50563da07c="Abraham54"]Hallo Jan, een kleine waarschuwing over het downloaden via CNET en SofTonic. De downloads van deze sites zitten in een wrapper. Die van CNET is wat dat betreft onschuldiger dan die van SofTonic, die in sommige gevallen zelfs de vieze Babylon Toolbar installeert, zonder dat je er weet van hebt! In ieder geval wordt ook spyware in je PC gezet om gebruiksgegevens door te zenden! En verwijder geheel die oude downloads uit 2006/2008. Die heb je echt niet meer nodig. Ondervindt je overigens nog hinder in jouw Windows?[/quote:50563da07c] Dacht dat downloaden via CNET en Softonic veilig was....Van welke sites kun je dan wel 'veilig' downloaden? Heb nooit erg hinder ervaren met windows. Vroeg mij alleen af of die file lsass.exe wel veilig is en waarom die genoemde poorten niet stealth zijn. Kennelijk is lsass.exe wel een veilig windowsbestand. Nod32 vindt kennelijk meer dan AVG! Gebruik deze laatste omdat hij gratis is. Ja..inderdaad moet mijn computer eens opschonen. Bedankt voor het meekijken en je reacties. Groeten,
  • Avast 7 Free is nog beter dan AVG. En Nod schijn je eerder illegitiem gebruikt te hebben.
  • Gebruik nod was idd illegaal. Ik vind dat ze software veel goedkoper moeten aanbieden. Verdwijnt de illegaliteit ook grotendeels vanzelf. Bedankt voor al je reacties.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.