Laptop constantly stutters for a moment

102 replies
  • Do you ever get the message that Explorer.exe is not responding?
  • No, never. I don't know whether it has anything to do with it, but I actually never use Internet Explorer; I always use Google Chrome. What is also useful to know, by the way, is the laptop model I have. It is an Acer Aspire 5750G with an Intel Core i7-2630QM (2.0GHz, 6MB L3 cache) processor, an NVIDIA GeForce GT540M, 4 GB DDR3 memory and a 640 GB HDD.
  • Do not confuse Explorer.exe (generic Windows) with IExplore.exe (Internet Explorer). But apparently that is not the problem. Which security software do you use?
  • Uhm.., I have 'Avast!', 'Hitman Pro' and 'Malwarebytes' installed. I ran all of them over it yesterday, and I removed the few errors/viruses that Hitman Pro found.
  • Watching videos in Full HD, by the way, also no longer goes as smoothly as before. Previously it was no problem at all; now I often enough have to lower the quality to be able to stream flawlessly..
  • Uninstall HitmanPro again. And now first do the following:
    Which program: sUBs dds
    What for/why: DDS is a diagnostic tool and makes use of scripts.
    Difficulty: First read carefully what to do.
    Download location: Download this program to the desktop without fail, or otherwise move it there first!
    Download DDS by sUBs from one of these locations and place it on your desktop:
      • DDS - Bleeping Computer download: http://download.bleepingcomputer.com/sUBs/dds.com
      • DDS - Bleeping Computer download: http://download.bleepingcomputer.com/sUBs/dds.scr
      • DDS - Infospyware: http://www.infospyware.net/sUBs/dds
    (image: http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif)
    Using sUBs dds:
      • Then first close all program windows that are still open!
      • Then deactivate the active security software
          • Windows 2000 and Windows XP: start sUBs dds by double-clicking the shortcut.
          • Windows Vista and Windows 7: start sUBs dds by right-clicking the shortcut and then choosing Run as administrator.
    After the scan
      • Now reactivate the active security software
      • Two text documents are opened - DDS.txt and Attach.txt - please note the following!
      • Copy and paste the entire contents of the DDS log file into your next post.
      • You post the contents of Attach.txt when I ask for it.
  • Hello Abraham54, thank you for your help in any case. Here is the requested file:
  • Hello Jordy, now first navigate to C:\Program Files (x86) and delete the following folders there: BrowserCompanion and BabylonToolbar\BabylonToolbar. Then empty the recycle bin and after that restart your PC. After that, do the following:
    Which program: Emsisoft Emergency Kit 1.0
    What for/why: Detects and removes malware
    Difficulty: none.
    Download: Emsisoft Emergency Kit: http://download11.emsisoft.com/EmsisoftEmergencyKit.zip
    Notes:
      • The download is compressed; unpack EmsisoftEmergencyKit.zip and place the new folder on the desktop.
      • All open programs and web pages must be closed.
    Start Emsisoft Emergency Kit by opening the folder "EmsisoftEmergencyKit"
      • Windows 2000 and Windows XP: double-click "Start.exe".
      • Windows Vista and Windows 7: right-click "Start.exe" and choose "Run as administrator".
    Scanning:
      • Now click "Emergency Kit Scanner" in the selection screen; the message then follows that it is recommended to update first. (image: http://www.imgdumper.nl/uploads5/4f8d1a3bd534a/4f8d1a3bd3fbd-EmsisoftEK11.jpg)
      • So do this by clicking "Yes"
      • When updating is finished, the message "Update process completed successfully" follows
      • Now click "Menu" and then "Scan PC"
      • Select the option "Deep" if it is not already set that way by default.
      • Then click the "Scan" button
          • Be patient and do nothing else with the computer during the scan, as the scan can take a considerable time.
      • The window with the warning about an increased risk can be closed when the scan is finished.
      • Make sure all found items are ticked and then click the "Remove selected" button - the following message will then appear: (image: http://www.imgdumper.nl/uploads5/4f8d1a4d63784/4f8d1a4d61ffa-EmsisoftEK2.jpg)
      • So then click "Yes"
      • When the removal is finished, click the "View report" button and select the text file of this scan with a name such as: a2scan_110730-111615.txt
      • Paste the contents of that log file into the new post afterwards.
    Nota bene: Now restart the computer.
  • I can't delete the browsercompanion folder because the BCHelper folder is still active. I'll go ahead and carry out the next steps in the meantime.
  • The scan took a while.., but here are the results:
  • By the way, I also managed to delete the BrowserCompanion folder.
  • Well done. We're going to look deeper.
    Which program: TDSSStarter.exe
    What for/why: Rootkit scanner
    Difficulty: none
    Download TDSSStarter (http://home.kpn.nl/stefsmeenk/tools/TDSSKStarter.exe) to the desktop.
    Using "TDSSSStarter.exe":
    - First close all program windows that are still open!
      - Windows 2000 and Windows XP: start the tool by double-clicking "TDSSStarter.exe".
      - Windows Vista and Windows 7: start the tool by right-clicking "TDSSStarter.exe" and then choosing "Als Administrator uitvoeren" (Run as administrator).
    - A CMD window will then open, and it will close again automatically when the scan is finished.
    - Now post the contents of the Notepad file that opens in your next message.
  • Hier het rapport: 08:03:23.0815 3536 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16 08:03:23.0815 3536 ============================================================ 08:03:23.0815 3536 Current date / time: 2012/05/23 08:03:23.0815 08:03:23.0815 3536 SystemInfo: 08:03:23.0815 3536 08:03:23.0815 3536 OS Version: 6.1.7601 ServicePack: 1.0 08:03:23.0815 3536 Product type: Workstation 08:03:23.0815 3536 ComputerName: JORDY-PC 08:03:23.0815 3536 UserName: Jordy 08:03:23.0815 3536 Windows directory: C:\Windows 08:03:23.0815 3536 System windows directory: C:\Windows 08:03:23.0815 3536 Running under WOW64 08:03:23.0815 3536 Processor architecture: Intel x64 08:03:23.0815 3536 Number of processors: 8 08:03:23.0815 3536 Page size: 0x1000 08:03:23.0815 3536 Boot type: Normal boot 08:03:23.0815 3536 ============================================================ 08:03:24.0314 3536 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 08:03:24.0314 3536 ============================================================ 08:03:24.0314 3536 \Device\Harddisk0\DR0: 08:03:24.0314 3536 MBR partitions: 08:03:24.0314 3536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000 08:03:24.0314 3536 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A25000 08:03:24.0314 3536 ============================================================ 08:03:24.0346 3536 C: <-> \Device\Harddisk0\DR0\Partition1 08:03:24.0346 3536 ============================================================ 08:03:24.0346 3536 Initialize success 08:03:24.0346 3536 ============================================================ 08:03:24.0377 3744 ============================================================ 08:03:24.0377 3744 Scan started 08:03:24.0377 3744 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent; 08:03:24.0377 3744 
============================================================ 08:03:25.0703 3744 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 08:03:25.0859 3744 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 08:03:25.0937 3744 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 08:03:26.0046 3744 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 08:03:26.0108 3744 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 08:03:26.0140 3744 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 08:03:26.0218 3744 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 08:03:26.0405 3744 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 08:03:26.0530 3744 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 08:03:26.0608 3744 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 08:03:26.0701 3744 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 08:03:26.0764 3744 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 08:03:26.0842 3744 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 08:03:26.0966 3744 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 08:03:27.0091 3744 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 08:03:27.0200 3744 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 08:03:27.0263 3744 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 08:03:27.0325 3744 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 08:03:27.0466 3744 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 08:03:27.0622 3744 Appinfo 
(3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 08:03:27.0762 3744 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 08:03:27.0793 3744 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 08:03:27.0902 3744 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys 08:03:28.0136 3744 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys 08:03:28.0199 3744 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys 08:03:28.0292 3744 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys 08:03:28.0386 3744 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys 08:03:28.0464 3744 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys 08:03:28.0495 3744 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 08:03:28.0589 3744 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 08:03:28.0823 3744 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys 08:03:29.0150 3744 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 08:03:29.0322 3744 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 08:03:29.0494 3744 avast\Program Files\AVAST Software\Avast\AvastSvc.exe 08:03:29.0572 3744 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 08:03:29.0868 3744 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 08:03:29.0962 3744 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 08:03:30.0086 3744 b57xdbd (2618e15514736fb469b105ce729b6d9d) C:\Windows\system32\DRIVERS\b57xdbd.sys 08:03:30.0133 3744 b57xdmp (baba4f0e2978b69b4e0b260ef7150dd6) C:\Windows\system32\DRIVERS\b57xdmp.sys 08:03:30.0227 3744 BDESVC 
(fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 08:03:30.0320 3744 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 08:03:30.0539 3744 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 08:03:30.0726 3744 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 08:03:30.0944 3744 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 08:03:31.0054 3744 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 08:03:31.0132 3744 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 08:03:31.0225 3744 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 08:03:31.0334 3744 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 08:03:31.0553 3744 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 08:03:31.0646 3744 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 08:03:31.0724 3744 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 08:03:31.0818 3744 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 08:03:31.0912 3744 bScsiMSa (ff7aa31bffdc6c6870f64eaf8defe930) C:\Windows\system32\DRIVERS\bScsiMSa.sys 08:03:31.0958 3744 bScsiSDa (e6cc56662f6c6b787a1fbea4cd247ae0) C:\Windows\system32\DRIVERS\bScsiSDa.sys 08:03:32.0005 3744 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 08:03:32.0099 3744 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 08:03:32.0270 3744 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 08:03:32.0442 3744 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 08:03:32.0536 3744 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 08:03:32.0676 3744 circlass 
(d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 08:03:32.0801 3744 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 08:03:32.0941 3744 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 08:03:33.0035 3744 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 08:03:33.0160 3744 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 08:03:33.0269 3744 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 08:03:33.0331 3744 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 08:03:33.0425 3744 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 08:03:33.0518 3744 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 08:03:33.0643 3744 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 08:03:33.0737 3744 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 08:03:33.0955 3744 cphs (f08c6020e57f5e5bf2fd034db10bedfb) C:\Windows\SysWow64\IntelCpHeciSvc.exe 08:03:34.0049 3744 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 08:03:34.0142 3744 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 08:03:34.0517 3744 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 08:03:34.0657 3744 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 08:03:34.0829 3744 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 08:03:35.0000 3744 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 
08:03:35.0156 3744 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 08:03:35.0328 3744 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 08:03:35.0453 3744 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 08:03:35.0531 3744 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 08:03:35.0640 3744 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 08:03:35.0890 3744 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 08:03:36.0046 3744 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 08:03:36.0233 3744 DsiWMIService (470f7f19188ab45463f8b612d6dde7c8) C:\Program Files (x86)\Launch Manager\dsiwmis.exe 08:03:36.0436 3744 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 08:03:36.0576 3744 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 08:03:37.0606 3744 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 08:03:38.0027 3744 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 08:03:38.0230 3744 EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 08:03:38.0386 3744 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 08:03:38.0526 3744 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 08:03:38.0698 3744 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 08:03:38.0869 3744 ePowerSvc (5da1e8b9c5d896ac86189b62fecb23f6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 08:03:39.0212 3744 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 08:03:39.0337 3744 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 08:03:39.0509 3744 exfat (a510c654ec00c1e9bdd91eeb3a59823b) 
  • My next reply will not be until after 18:00, because of work.
  • That's fine.
  • By the way, the problem has not been solved yet; although I have the impression that it has become somewhat faster, it still freezes regularly.
  • Please post the ComboFix log after all. Otherwise it will be difficult to help you further.
  • I haven't run 'combofix' yet, have I? Or is that the 'attach.txt' file from sUBs DDS?
  • Oops, my mistake.
    Which program: ComboFix
    What for/why: A highly specialised scanner that examines Windows in depth and cleans it up where possible.
    Difficulty: Read everything carefully first because of the preparation phase.
    Download location: This program must be downloaded to the desktop!
    Download ComboFix from one of these locations:
    - Bleepingcomputer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    - ForoSpyware: http://www.forospyware.com/sUBs/ComboFix.exe
    - Geekstogo: http://subs.geekstogo.com/ComboFix.exe
    Here you can see how to use ComboFix: http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden
    Antivirus programs and active malware scanners must already be deactivated before ComboFix starts! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to deactivate antivirus programs and spyware scanners.
    Once more, for the sake of clarity: ComboFix must be started from the desktop.
    Notes:
    - Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
    - All open programs and web pages must be closed.
    ComboFix has been started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may need to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
    - If, after the scan, an error is shown when starting programs, with the message:
    - Illegal operation attempted on a registry key that has been marked for deletion.
    - Then restart the computer.
  • Hello, I am new to this forum. My name is Jordy and I am 23 years old. I ended up here because I am suffering from an extremely annoying problem: my laptop constantly stutters for a moment. It does so, for example, while I am typing this text, while typing in a Word file or while typing a short message on Facebook, but also while playing games, including games that used to work fine. I have seen that the user 'roobin' had a problem similar to mine, but although I carried out some of the tips I read while his problem was being solved, my problem persists and does not improve either. I hope someone here can help me. Unfortunately I know fairly little about computers, so I am completely dependent on the experts here.


This is an archived page. Replies are no longer possible.