PC slow + virus scanner off?

Anonymous
Abraham54
28 answers
 • For about a week I have been having problems with my Windows 7 laptop. It is, not continuously but very regularly, extremely slow. At those moments either 100% CPU is in use or close to 100% physical memory. At the same time I occasionally get a notification from Windows that Avast reports that Avast is turned off, while it is not turned off at that moment, and occasionally also that Windows Defender is turned off.

  I have tried various things but I cannot find the cause:
  1) ran a full scan with Avast; no malware
  2) ran a full scan with MBAM; no malware, see scan results below
  3) reinstalled Avast (because of the notification)
  4) ran an online scan (ESET); no malware

  I don't believe I have done anything unusual, but I am afraid, mainly because of the notification about my virus scanner, that I may have malware after all. I have not been able to discover what differs between the moments when the laptop is slow and when it is not. Enabling and disabling the network connection seems to make little or no difference.

  Can someone look at my HijackThis log or give another tip that lets me investigate further what is going on?

  MBAM
  Malwarebytes Anti-Malware 1.60.1.1000
  www.malwarebytes.org

  Database version: v2012.02.07.01

  Windows 7 Service Pack 1 x64 NTFS
  Internet Explorer 9.0.8112.16421
  naam:: naam-LAPTOP [administrator]

  7-2-2012 6:51:01
  mbam-log-2012-02-07 (06-51-01).txt

  Scan type: Full scan
  Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
  Scan options disabled: P2P
  Objects scanned: 462637
  Time elapsed: 1 hour(s), 34 minute(s), 42 second(s)

  Memory Processes Detected: 0
  (No malicious items detected)

  Memory Modules Detected: 0
  (No malicious items detected)

  Registry Keys Detected: 0
  (No malicious items detected)

  Registry Values Detected: 0
  (No malicious items detected)

  Registry Data Items Detected: 0
  (No malicious items detected)

  Folders Detected: 0
  (No malicious items detected)

  Files Detected: 0
  (No malicious items detected)

  (end)


  HijackThis
  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 9:05:20, on 12-2-2012
  Platform: Windows 7 SP1 (WinNT 6.00.3505)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\Program Files (x86)\uTorrent\uTorrent.exe
  C:\Users\vlindermeisje\AppData\Roaming\Dropbox\bin\Dropbox.exe
  C:\Program Files\AVAST Software\Avast\AvastUI.exe
  C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
  C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
  c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
  C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Windows\SysWOW64\rundll32.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  F2 - REG:system.ini: UserInit=userinit.exe
  O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
  O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
  O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
  O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
  O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-21-1447412775-543404776-4026076476-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
  O4 - HKUS\S-1-5-21-1447412775-543404776-4026076476-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
  O4 - Startup: Dropbox.lnk = vlindermeisje\AppData\Roaming\Dropbox\bin\Dropbox.exe
  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
  O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
  O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
  O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
  O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
  O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
  O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
  O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
  O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
  O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
  O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
  O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
  O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


  End of file - 12272 bytes
 • Hello vlindermeisje, then we'll just have to look deeper into your Windows.

  I would like you to follow the rules below during the fix:
 • Hi Abraham54, thanks for your reply and your help.

  I carried out the steps:

  step 1

  14:31:14.0637 2560 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
  14:31:14.0637 2560 ============================================================
  14:31:14.0637 2560 Current date / time: 2012/02/12 14:31:14.0637
  14:31:14.0637 2560 SystemInfo:
  14:31:14.0637 2560
  14:31:14.0637 2560 OS Version: 6.1.7601 ServicePack: 1.0
  14:31:14.0637 2560 Product type: Workstation
  14:31:14.0637 2560 ComputerName: vlindermeisje-LAPTOP
  14:31:14.0652 2560 UserName: vlindermeisje
  14:31:14.0652 2560 Windows directory: C:\Windows
  14:31:14.0652 2560 System windows directory: C:\Windows
  14:31:14.0652 2560 Running under WOW64
  14:31:14.0652 2560 Processor architecture: Intel x64
  14:31:14.0652 2560 Number of processors: 4
  14:31:14.0652 2560 Page size: 0x1000
  14:31:14.0652 2560 Boot type: Normal boot
  14:31:14.0652 2560 ============================================================
  14:31:17.0133 2560 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
  14:31:17.0164 2560 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
  14:31:17.0179 2560 \Device\Harddisk0\DR0:
  14:31:17.0179 2560 MBR used
  14:31:17.0179 2560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
  14:31:17.0179 2560 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
  14:31:17.0179 2560 \Device\Harddisk1\DR1:
  14:31:17.0179 2560 MBR used
  14:31:17.0179 2560 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
  14:31:17.0601 2560 Initialize success
  14:31:17.0601 2560 ============================================================
  14:31:17.0647 4960 ============================================================
  14:31:17.0647 4960 Scan started
  14:31:17.0647 4960 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
  14:31:17.0647 4960 ============================================================
  14:32:38.0986 4960 mrxsmb - ok
  14:32:39.0423 4960 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
  14:32:39.0797 4960 mrxsmb10 - ok
  14:32:40.0593 4960 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
  14:32:40.0733 4960 mrxsmb20 - ok
  14:32:41.0279 4960 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
  14:32:41.0295 4960 msahci - ok
  14:32:41.0778 4960 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
  14:32:41.0810 4960 msdsm - ok
  14:32:42.0324 4960 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
  14:32:42.0465 4960 Msfs - ok
  14:32:43.0151 4960 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
  14:32:43.0448 4960 mshidkmdf - ok
  14:32:43.0713 4960 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
  14:32:43.0728 4960 msisadrv - ok
  14:32:44.0118 4960 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
  14:32:44.0196 4960 MSKSSRV - ok
  14:32:44.0742 4960 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
  14:32:44.0805 4960 MSPCLOCK - ok
  14:32:45.0320 4960 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
  14:32:45.0507 4960 MSPQM - ok
  14:32:46.0037 4960 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
  14:32:46.0053 4960 MsRPC - ok
  14:32:46.0396 4960 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
  14:32:46.0412 4960 mssmbios - ok
  14:32:46.0677 4960 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
  14:32:46.0724 4960 MSTEE - ok
  14:32:47.0067 4960 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
  14:32:47.0223 4960 MTConfig - ok
  14:32:47.0738 4960 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
  14:32:47.0753 4960 Mup - ok
  14:32:48.0393 4960 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
  14:32:48.0502 4960 NativeWifiP - ok
  14:32:49.0095 4960 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
  14:32:49.0266 4960 NDIS - ok
  14:32:49.0532 4960 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
  14:32:49.0703 4960 NdisCap - ok
  14:32:49.0953 4960 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
  14:32:50.0078 4960 NdisTapi - ok
  14:32:50.0343 4960 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
  14:32:50.0530 4960 Ndisuio - ok
  14:32:50.0780 4960 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
  14:32:50.0842 4960 NdisWan - ok
  14:32:51.0248 4960 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
  14:32:51.0482 4960 NDProxy - ok
  14:32:51.0653 4960 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
  14:32:51.0794 4960 NetBIOS - ok
  14:32:52.0215 4960 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
  14:32:52.0371 4960 NetBT - ok
  14:32:52.0932 4960 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
  14:32:52.0964 4960 nfrd960 - ok
  14:32:53.0213 4960 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
  14:32:53.0338 4960 Npfs - ok
  14:32:53.0619 4960 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
  14:32:53.0759 4960 nsiproxy - ok
  14:32:54.0102 4960 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
  14:32:54.0321 4960 Ntfs - ok
  14:32:54.0695 4960 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
  14:32:54.0789 4960 Null - ok
  14:32:55.0085 4960 NVHDA (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys
  14:32:55.0101 4960 NVHDA - ok
  14:32:59.0157 4960 nvlddmkm (9fc53830053787fad2078f39d3ab68dc) C:\Windows\system32\DRIVERS\nvlddmkm.sys
  14:32:59.0750 4960 nvlddmkm - ok
  14:33:00.0093 4960 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
  14:33:00.0140 4960 nvraid - ok
  14:33:00.0701 4960 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
  14:33:00.0717 4960 nvstor - ok
  14:33:01.0310 4960 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
  14:33:01.0356 4960 nv_agp - ok
  14:33:01.0590 4960 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
  14:33:03.0790 4960 ohci1394 - ok
  14:33:04.0227 4960 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
  14:33:04.0258 4960 Parport - ok
  14:33:04.0648 4960 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
  14:33:04.0679 4960 partmgr - ok
  14:33:05.0288 4960 pavboot (8a0f8a9580d9f2fc512a35d5709088a9) C:\Windows\system32\drivers\pavboot64.sys
  14:33:05.0303 4960 pavboot - ok
  14:33:05.0896 4960 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
  14:33:05.0927 4960 pci - ok
  14:33:06.0458 4960 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
  14:33:06.0473 4960 pciide - ok
  14:33:06.0848 4960 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
  14:33:06.0863 4960 pcmcia - ok
  14:33:07.0409 4960 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
  14:33:07.0440 4960 pcw - ok
  14:33:08.0002 4960 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
  14:33:08.0158 4960 PEAUTH - ok
  14:33:08.0486 4960 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
  14:33:08.0626 4960 PptpMiniport - ok
  14:33:08.0938 4960 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
  14:33:09.0016 4960 Processor - ok
  14:33:09.0328 4960 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
  14:33:09.0468 4960 Psched - ok
  14:33:09.0983 4960 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
  14:33:10.0264 4960 ql2300 - ok
  14:33:10.0779 4960 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
  14:33:10.0810 4960 ql40xx - ok
  14:33:10.0841 4960 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
  14:33:10.0982 4960 QWAVEdrv - ok
  14:33:11.0356 4960 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
  14:33:11.0434 4960 RasAcd - ok
  14:33:12.0120 4960 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
  14:33:12.0198 4960 RasAgileVpn - ok
  14:33:12.0573 4960 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
  14:33:12.0744 4960 Rasl2tp - ok
  14:33:13.0041 4960 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
  14:33:13.0166 4960 RasPppoe - ok
  14:33:14.0070 4960 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
  14:33:14.0148 4960 RasSstp - ok
  14:33:14.0570 4960 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
  14:33:14.0757 4960 rdbss - ok
  14:33:15.0084 4960 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
  14:33:15.0240 4960 rdpbus - ok
  14:33:15.0490 4960 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
  14:33:15.0630 4960 RDPCDD - ok
  14:33:15.0818 4960 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
  14:33:15.0974 4960 RDPDR - ok
  14:33:16.0566 4960 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
  14:33:16.0613 4960 RDPENCDD - ok
  14:33:16.0988 4960 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
  14:33:17.0050 4960 RDPREFMP - ok
  14:33:17.0378 4960 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
  14:33:25.0068 4960 RdpVideoMiniport - ok
  14:33:25.0318 4960 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
  14:33:25.0396 4960 RDPWD - ok
  14:33:26.0238 4960 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
  14:33:26.0270 4960 rdyboost - ok
  14:33:27.0221 4960 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
  14:33:27.0408 4960 RFCOMM - ok
  14:33:28.0079 4960 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
  14:33:28.0251 4960 RimUsb - ok
  14:33:29.0140 4960 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
  14:33:29.0296 4960 rspndr - ok
  14:33:29.0733 4960 RSUSBSTOR - ok
  14:33:30.0950 4960 RTL8167 (fe61b0b4aa58c3bd3dfa6279131f7f53) C:\Windows\system32\DRIVERS\Rt64win7.sys
  14:33:31.0246 4960 RTL8167 - ok
  14:33:32.0073 4960 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
  14:33:32.0322 4960 s3cap - ok
  14:33:32.0790 4960 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
  14:33:32.0822 4960 sbp2port - ok
  14:33:33.0711 4960 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
  14:33:33.0914 4960 scfilter - ok
  14:33:34.0460 4960 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
  14:33:34.0616 4960 sdbus - ok
  14:33:35.0006 4960 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
  14:33:35.0130 4960 secdrv - ok
  14:33:35.0583 4960 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
  14:33:35.0630 4960 Serenum - ok
  14:33:36.0051 4960 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
  14:33:36.0082 4960 Serial - ok
  14:33:36.0566 4960 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
  14:33:36.0597 4960 sermouse - ok
  14:33:36.0753 4960 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
  14:33:36.0940 4960 sffdisk - ok
  14:33:37.0424 4960 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
  14:33:37.0611 4960 sffp_mmc - ok
  14:33:38.0874 4960 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
  14:33:39.0842 4960 sffp_sd - ok
  14:33:40.0341 4960 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
  14:33:40.0372 4960 sfloppy - ok
  14:33:40.0809 4960 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
  14:33:40.0824 4960 SiSRaid2 - ok
  14:33:41.0152 4960 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
  14:33:41.0183 4960 SiSRaid4 - ok
  14:33:41.0776 4960 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
  14:33:41.0870 4960 Smb - ok
  14:33:42.0353 4960 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
  14:33:42.0384 4960 spldr - ok
  14:33:42.0540 4960 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
  14:33:42.0650 4960 srv - ok
  14:33:42.0790 4960 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
  14:33:42.0868 4960 srv2 - ok
  14:33:42.0977 4960 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
  14:33:43.0336 4960 srvnet - ok
  14:33:43.0866 4960 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
  14:33:43.0882 4960 stexstor - ok
  14:33:44.0397 4960 STHDA (dffbc024dfc7bb05b2129e05cbc7a201) C:\Windows\system32\DRIVERS\stwrt64.sys
  14:33:44.0615 4960 STHDA - ok
  14:33:45.0005 4960 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
  14:33:45.0036 4960 storflt - ok
  14:33:45.0177 4960 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
  14:33:46.0737 4960 storvsc - ok
  14:33:47.0111 4960 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
  14:33:47.0127 4960 swenum - ok
  14:33:47.0454 4960 Synth3dVsc - ok
  14:33:48.0156 4960 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
  14:33:48.0250 4960 SynTP - ok
  14:33:49.0311 4960 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
  14:33:49.0467 4960 Tcpip - ok
  14:33:49.0716 4960 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
  14:33:49.0779 4960 TCPIP6 - ok
  14:33:50.0216 4960 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
  14:33:50.0387 4960 tcpipreg - ok
  14:33:50.0668 4960 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
  14:33:50.0840 4960 TDPIPE - ok
  14:33:51.0370 4960 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
  14:33:51.0432 4960 TDTCP - ok
  14:33:52.0025 4960 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
  14:33:52.0134 4960 tdx - ok
  14:33:52.0353 4960 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
  14:33:52.0384 4960 TermDD - ok
  14:33:52.0540 4960 truecrypt (8de922cd4fea6f83b10805df965b9a08) C:\Windows\system32\drivers\truecrypt.sys
  14:33:52.0665 4960 truecrypt - ok
  14:33:53.0070 4960 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
  14:33:53.0195 4960 tssecsrv - ok
  14:33:53.0304 4960 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
  14:33:53.0429 4960 TsUsbFlt - ok
  14:33:53.0445 4960 tsusbhub - ok
  14:33:53.0648 4960 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
  14:33:53.0772 4960 tunnel - ok
  14:33:53.0882 4960 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
  14:33:53.0913 4960 uagp35 - ok
  14:33:54.0116 4960 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
  14:33:54.0209 4960 udfs - ok
  14:33:54.0350 4960 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
  14:33:54.0365 4960 uliagpkx - ok
  14:33:54.0662 4960 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
  14:33:54.0802 4960 umbus - ok
  14:33:55.0052 4960 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
  14:33:55.0083 4960 UmPass - ok
  14:33:55.0676 4960 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
  14:33:55.0832 4960 usbaudio - ok
  14:33:56.0768 4960 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
  14:33:56.0970 4960 usbccgp - ok
  14:33:58.0312 4960 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
  14:33:58.0452 4960 usbcir - ok
  14:33:58.0764 4960 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
  14:33:58.0936 4960 usbehci - ok
  14:33:59.0295 4960 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
  14:33:59.0466 4960 usbhub - ok
  14:33:59.0716 4960 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
  14:33:59.0747 4960 usbohci - ok
  14:34:00.0090 4960 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
  14:34:00.0215 4960 usbprint - ok
  14:34:00.0761 4960 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
  14:34:00.0917 4960 USBSTOR - ok
  14:34:01.0510 4960 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
  14:34:01.0572 4960 usbuhci - ok
  14:34:01.0806 4960 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
  14:34:01.0900 4960 usbvideo - ok
  14:34:01.0947 4960 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
  14:34:02.0056 4960 usb_rndisx - ok
  14:34:02.0430 4960 VBoxNetAdp (8acf22b86ce4e85c23e3e9513bf45c37) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
  14:34:02.0462 4960 VBoxNetAdp - ok
  14:34:02.0633 4960 VBoxNetFlt - ok
  14:34:02.0883 4960 VBoxUSB (bcfe50247fbe5c8cb2e22fa5938ea6f7) C:\Windows\system32\Drivers\VBoxUSB.sys
  14:34:02.0898 4960 VBoxUSB - ok
  14:34:03.0476 4960 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
  14:34:03.0491 4960 vdrvroot - ok
  14:34:03.0772 4960 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
  14:34:03.0912 4960 vga - ok
  14:34:04.0053 4960 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
  14:34:04.0224 4960 VgaSave - ok
  14:34:04.0864 4960 VGPU - ok
  14:34:05.0145 4960 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
  14:34:05.0176 4960 vhdmp - ok
  14:34:05.0441 4960 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
  14:34:05.0457 4960 viaide - ok
  14:34:05.0691 4960 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
  14:34:05.0722 4960 vmbus - ok
  14:34:06.0143 4960 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
  14:34:06.0393 4960 VMBusHID - ok
  14:34:06.0845 4960 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
  14:34:06.0876 4960 volmgr - ok
  14:34:07.0173 4960 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
  14:34:07.0360 4960 volmgrx - ok
  14:34:07.0719 4960 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
  14:34:07.0766 4960 volsnap - ok
  14:34:08.0280 4960 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
  14:34:08.0327 4960 vsmraid - ok
  14:34:08.0920 4960 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
  14:34:09.0092 4960 vwifibus - ok
  14:34:09.0622 4960 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
  14:34:09.0965 4960 vwififlt - ok
  14:34:10.0293 4960 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
  14:34:10.0418 4960 WacomPen - ok
  14:34:10.0621 4960 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
  14:34:11.0510 4960 WANARP - ok
  14:34:11.0666 4960 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
  14:34:11.0728 4960 Wanarpv6 - ok
  14:34:12.0196 4960 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
  14:34:12.0227 4960 Wd - ok
  14:34:12.0508 4960 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
  14:34:12.0571 4960 Wdf01000 - ok
  14:34:12.0976 4960 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
  14:34:16.0783 4960 WfpLwf - ok
  14:34:17.0095 4960 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
  14:34:17.0126 4960 WIMMount - ok
  14:34:17.0672 4960 WINUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.SYS
  14:34:17.0859 4960 WINUSB - ok
  14:34:18.0467 4960 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
  14:34:18.0608 4960 WmiAcpi - ok
  14:34:19.0013 4960 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
  14:34:19.0216 4960 ws2ifsl - ok
  14:34:19.0731 4960 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
  14:34:20.0183 4960 WudfPf - ok
  14:34:20.0480 4960 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
  14:34:20.0558 4960 WUDFRd - ok
  14:34:20.0636 4960 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
  14:34:20.0932 4960 \Device\Harddisk0\DR0 - ok
  14:34:20.0932 4960 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
  14:34:21.0556 4960 \Device\Harddisk1\DR1 - ok
  14:34:21.0572 4960 Boot (0x1200) (191c58afcbcc48a0877afcf304945e65) \Device\Harddisk0\DR0\Partition0
  14:34:21.0572 4960 \Device\Harddisk0\DR0\Partition0 - ok
  14:34:21.0587 4960 Boot (0x1200) (d49058e2d2b9cc411d9d7edcee4aada4) \Device\Harddisk0\DR0\Partition1
  14:34:21.0587 4960 \Device\Harddisk0\DR0\Partition1 - ok
  14:34:21.0587 4960 Boot (0x1200) (0d62821303dfbe6b60a7014e59e09559) \Device\Harddisk1\DR1\Partition0
  14:34:21.0587 4960 \Device\Harddisk1\DR1\Partition0 - ok
  14:34:21.0587 4960 ============================================================
  14:34:21.0587 4960 Scan finished
  14:34:21.0587 4960 ============================================================
  14:34:23.0943 3576 Deinitialize success

  ==============================================
  Last Created System Restore Point
  ==============================================
  No restore point in system.
  ==============================================
  EOF

  Step 2

  ComboFix 12-02-11.03 - vlindermeisje 12-02-2012 15:04:21.1.4 - x64
  Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1033.18.4023.247 [GMT 1:00]
  Gestart vanuit: c:\users\vlindermeisje\Desktop\ComboFix.exe
  AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
  SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
  SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  c:\users\vlindermeisje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3RVX.lnk
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2012-01-12 to 2012-02-12 ))))))))))))))))))))))))))))))
  .
  .
  2012-02-12 13:30 . 2012-02-12 13:34 -------- d-----w- C:\TDSSStarter
  2012-02-12 09:12 . 2012-02-12 09:12 -------- d-----w- c:\users\vlindermeisje\AppData\Local\ElevatedDiagnostics
  2012-02-12 09:11 . 2012-02-12 09:11 -------- d-----w- c:\users\vlindermeisje\AppData\Local\Diagnostics
  2012-02-11 05:36 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3446D4C8-1BCA-4F85-B645-B8EDCD456BD4}\mpengine.dll
  2012-02-06 20:05 . 2012-02-06 20:05 -------- d-----w- c:\windows\system32\appmgmt
  2012-02-06 19:51 . 2012-02-06 19:51 -------- d-----w- c:\program files (x86)\ESET
  2012-02-06 19:26 . 2012-02-06 19:26 388096 ----a-r- c:\users\vlindermeisje\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2012-02-06 19:26 . 2012-02-06 19:26 -------- d-----w- c:\program files (x86)\Trend Micro
  2012-02-05 17:48 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
  2012-02-05 17:48 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
  2012-02-05 17:47 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
  2012-02-05 17:47 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
  2012-02-05 17:47 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
  2012-02-05 17:47 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
  2012-02-05 17:44 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
  2012-02-05 17:44 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
  2012-02-05 16:20 . 2012-02-06 20:15 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
  2012-02-05 16:20 . 2012-02-06 20:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy
  2012-02-05 08:34 . 2012-02-05 08:34 -------- d-----w- c:\users\vlindermeisje\AppData\Roaming\Malwarebytes
  2012-02-05 08:33 . 2012-02-05 08:33 -------- d-----w- c:\programdata\Malwarebytes
  2012-02-05 08:33 . 2012-02-05 08:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
  2012-02-05 08:33 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
  2012-02-03 14:17 . 2012-02-03 14:17 -------- d-----w- c:\users\vlindermeisje\Logitech
  2012-02-03 14:16 . 2012-02-03 14:17 -------- d-----w- c:\program files (x86)\Common Files\Remote Control Software Common
  2012-02-03 14:16 . 2012-02-03 14:16 -------- d-----w- c:\program files (x86)\Logitech
  2012-02-03 14:16 . 2012-02-03 14:16 -------- d-----w- c:\program files (x86)\Common Files\Remote Control USB Driver
  2012-02-03 14:15 . 2006-02-07 14:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
  2012-02-03 14:15 . 2012-02-03 14:15 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
  2012-02-03 14:15 . 2006-02-07 14:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
  2012-02-03 14:15 . 2006-02-07 14:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
  2012-02-03 14:15 . 2006-02-07 14:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
  2012-02-03 14:15 . 2006-02-07 14:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
  2012-02-03 14:15 . 2006-02-07 14:39 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
  2012-02-03 14:15 . 2005-11-13 22:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
  2012-02-03 14:15 . 2012-02-03 14:15 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
  2012-01-28 10:20 . 2012-01-28 10:20 -------- d-----w- c:\users\vlindermeisje\VirtualBox VMs
  2012-01-28 10:19 . 2012-02-04 16:53 -------- d-----w- c:\users\vlindermeisje\.VirtualBox
  2012-01-28 10:18 . 2011-12-19 12:45 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
  2012-01-28 10:18 . 2012-02-05 16:05 -------- dc----w- c:\windows\system32\DRVSTORE
  2012-01-28 10:18 . 2011-12-19 12:45 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
  2012-01-27 19:25 . 2012-01-27 20:23 -------- d-----w- C:\android_root
  2012-01-27 18:18 . 2012-01-27 18:23 -------- d-----w- c:\users\vlindermeisje\.android
  2012-01-27 18:17 . 2012-01-27 18:17 -------- d-----w- c:\program files (x86)\Android
  2012-01-27 18:16 . 2012-02-05 16:05 -------- d-----w- c:\program files\Oracle
  2012-01-27 18:15 . 2011-11-08 18:40 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
  2012-01-27 18:15 . 2011-11-08 18:40 660368 ----a-w- c:\windows\system32\deployJava1.dll
  2012-01-27 18:13 . 2012-01-27 18:15 -------- d-----w- c:\program files\Java
  2012-01-27 18:13 . 2012-02-06 18:41 -------- d-----w- c:\users\vlindermeisje\AppData\Local\Htc
  2012-01-27 18:13 . 2012-01-27 18:14 -------- d-----w- c:\users\vlindermeisje\AppData\Roaming\HTC
  2012-01-27 18:10 . 2012-01-27 18:10 -------- d-----w- c:\users\vlindermeisje\AppData\Local\Downloaded Installations
  2012-01-27 18:09 . 2012-01-27 18:09 -------- d-----w- c:\program files (x86)\Spirent Communications
  2012-01-27 18:09 . 2012-01-27 18:12 -------- d-----w- c:\program files (x86)\HTC
  2012-01-21 19:04 . 2012-01-25 17:54 -------- d-----w- c:\users\vlindermeisje\.freemind
  2012-01-21 19:04 . 2012-01-21 19:04 -------- d-----w- c:\program files (x86)\FreeMind
  2012-01-19 12:46 . 2012-01-19 12:46 -------- d-----w- c:\program files (x86)\KeyTweak
  2012-01-15 12:07 . 2012-02-12 07:47 -------- d-----r- c:\users\vlindermeisje\Dropbox
  2012-01-15 12:05 . 2012-02-12 07:47 -------- d-----w- c:\users\vlindermeisje\AppData\Roaming\Dropbox
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2012-01-26 23:52 . 2011-11-05 13:18 279656 ------w- c:\windows\system32\MpSigStub.exe
  2012-01-04 16:02 . 2012-01-04 16:02 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
  2011-12-19 12:45 . 2011-12-19 12:45 146736 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
  2011-12-19 12:45 . 2011-12-19 12:45 117040 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
  2011-12-16 21:31 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  2011-12-14 22:26 . 2011-12-14 22:26 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
  2011-12-14 22:26 . 2011-12-14 22:26 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
  2011-12-14 22:26 . 2011-12-14 22:26 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
  2011-12-14 22:26 . 2011-12-14 22:26 85504 ----a-w- c:\windows\system32\iesetup.dll
  2011-12-14 22:26 . 2011-12-14 22:26 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
  2011-12-14 22:26 . 2011-12-14 22:26 76800 ----a-w- c:\windows\system32\tdc.ocx
  2011-12-14 22:26 . 2011-12-14 22:26 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
  2011-12-14 22:26 . 2011-12-14 22:26 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
  2011-12-14 22:26 . 2011-12-14 22:26 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
  2011-12-14 22:26 . 2011-12-14 22:26 603648 ----a-w- c:\windows\system32\vbscript.dll
  2011-12-14 22:26 . 2011-12-14 22:26 49664 ----a-w- c:\windows\system32\imgutil.dll
  2011-12-14 22:26 . 2011-12-14 22:26 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
  2011-12-14 22:26 . 2011-12-14 22:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
  2011-12-14 22:26 . 2011-12-14 22:26 448512 ----a-w- c:\windows\system32\html.iec
  2011-12-14 22:26 . 2011-12-14 22:26 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
  2011-12-14 22:26 . 2011-12-14 22:26 367104 ----a-w- c:\windows\SysWow64\html.iec
  2011-12-14 22:26 . 2011-12-14 22:26 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
  2011-12-14 22:26 . 2011-12-14 22:26 30720 ----a-w- c:\windows\system32\licmgr10.dll
  2011-12-14 22:26 . 2011-12-14 22:26 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
  2011-12-14 22:26 . 2011-12-14 22:26 2382848 ----a-w- c:\windows\system32\mshtml.tlb
  2011-12-14 22:26 . 2011-12-14 22:26 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
  2011-12-14 22:26 . 2011-12-14 22:26 2309120 ----a-w- c:\windows\system32\jscript9.dll
  2011-12-14 22:26 . 2011-12-14 22:26 222208 ----a-w- c:\windows\system32\msls31.dll
  2011-12-14 22:26 . 2011-12-14 22:26 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
  2011-12-14 22:26 . 2011-12-14 22:26 173056 ----a-w- c:\windows\system32\ieUnatt.exe
  2011-12-14 22:26 . 2011-12-14 22:26 165888 ----a-w- c:\windows\system32\iexpress.exe
  2011-12-14 22:26 . 2011-12-14 22:26 161792 ----a-w- c:\windows\SysWow64\msls31.dll
  2011-12-14 22:26 . 2011-12-14 22:26 160256 ----a-w- c:\windows\system32\wextract.exe
  2011-12-14 22:26 . 2011-12-14 22:26 152064 ----a-w- c:\windows\SysWow64\wextract.exe
  2011-12-14 22:26 . 2011-12-14 22:26 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
  2011-12-14 22:26 . 2011-12-14 22:26 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
  2011-12-14 22:26 . 2011-12-14 22:26 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
  2011-12-14 22:26 . 2011-12-14 22:26 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
  2011-12-14 22:26 . 2011-12-14 22:26 1390080 ----a-w- c:\windows\system32\wininet.dll
  2011-12-14 22:26 . 2011-12-14 22:26 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
  2011-12-14 22:26 . 2011-12-14 22:26 12288 ----a-w- c:\windows\system32\mshta.exe
  2011-12-14 22:26 . 2011-12-14 22:26 11776 ----a-w- c:\windows\SysWow64\mshta.exe
  2011-12-14 22:26 . 2011-12-14 22:26 114176 ----a-w- c:\windows\system32\admparse.dll
  2011-12-14 22:26 . 2011-12-14 22:26 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
  2011-12-14 22:26 . 2011-12-14 22:26 111616 ----a-w- c:\windows\system32\iesysprep.dll
  2011-12-14 22:26 . 2011-12-14 22:26 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
  2011-12-14 22:26 . 2011-12-14 22:26 101888 ----a-w- c:\windows\SysWow64\admparse.dll
  2011-12-07 21:49 . 2011-12-07 21:49 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  2011-11-28 18:01 . 2011-11-05 13:23 256960 —-a-w- c:\windows\system32\aswBoot.exe
  2011-11-24 04:52 . 2011-12-14 18:05 3145216 —-a-w- c:\windows\system32\win32k.sys
  2011-11-20 10:09 . 2011-12-10 18:32 74752 —-a-w- c:\windows\SysWow64\ff_vfw.dll
  2011-11-19 14:58 . 2012-01-11 14:17 77312 —-a-w- c:\windows\system32\packager.dll
  2011-11-19 14:01 . 2012-01-11 14:17 67072 —-a-w- c:\windows\SysWow64\packager.dll
  2011-11-17 06:49 . 2012-01-12 19:50 152432 —-a-w- c:\windows\system32\drivers\ksecpkg.sys
  2011-11-17 06:49 . 2012-01-12 19:50 95600 —-a-w- c:\windows\system32\drivers\ksecdd.sys
  2011-11-17 06:44 . 2012-01-12 19:50 459232 —-a-w- c:\windows\system32\drivers\cng.sys
  2011-11-17 06:41 . 2012-01-11 14:17 1731920 —-a-w- c:\windows\system32\ntdll.dll
  2011-11-17 06:35 . 2012-01-12 19:50 395776 —-a-w- c:\windows\system32\webio.dll
  2011-11-17 06:35 . 2012-01-12 19:50 136192 —-a-w- c:\windows\system32\sspicli.dll
  2011-11-17 06:35 . 2012-01-12 19:50 29184 —-a-w- c:\windows\system32\sspisrv.dll
  2011-11-17 06:35 . 2012-01-12 19:50 340992 —-a-w- c:\windows\system32\schannel.dll
  2011-11-17 06:35 . 2012-01-12 19:50 28160 —-a-w- c:\windows\system32\secur32.dll
  2011-11-17 06:35 . 2012-01-12 19:50 1447936 —-a-w- c:\windows\system32\lsasrv.dll
  2011-11-17 06:33 . 2012-01-12 19:50 31232 —-a-w- c:\windows\system32\lsass.exe
  2011-11-17 05:38 . 2012-01-11 14:17 1292080 —-a-w- c:\windows\SysWow64\ntdll.dll
  2011-11-17 05:35 . 2012-01-12 19:50 314880 —-a-w- c:\windows\SysWow64\webio.dll
  2011-11-17 05:34 . 2012-01-12 19:50 224768 —-a-w- c:\windows\SysWow64\schannel.dll
  2011-11-17 05:34 . 2012-01-12 19:50 22016 —-a-w- c:\windows\SysWow64\secur32.dll
  2011-11-17 05:28 . 2012-01-12 19:50 96768 —-a-w- c:\windows\SysWow64\sspicli.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-10 738168]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
  "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
  .
  c:\users\vlindermeisje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  Dropbox.lnk - c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-1-18 24246216]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 136176]
  R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
  R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-11 1038088]
  R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 136176]
  R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
  R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
  R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
  R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
  R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
  R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
  R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
  R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
  R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
  R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
  S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
  S1 aswSnx;aswSnx; [x]
  S1 aswSP;aswSP; [x]
  S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2009-03-03 89600]
  S2 aswFsBlk;aswFsBlk; [x]
  S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
  S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
  S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-25 2214504]
  S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
  S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
  S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
  S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
  S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
  .
  .
  — Andere Services/Drivers In Geheugen —
  .
  *NewlyCreated* - 53620504
  *Deregistered* - 53620504
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
  2010-11-20 12:17 302592 —-a-w- c:\windows\System32\cmd.exe
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 13:24]
  .
  2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 13:24]
  .
  2012-02-01 c:\windows\Tasks\SyncBack Monthly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-11 c:\windows\Tasks\SyncBack Nightly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-11 c:\windows\Tasks\SyncBack School_dropbox.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-05 c:\windows\Tasks\SyncBack Weekly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  .
  ——— x86-64 ———–
  .
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  @="{472083B0-C522-11CF-8763-00608CC02F24}"
  [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  2011-11-28 18:01 134384 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-12-09 611896]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "LoadAppInit_DLLs"=0x0
  .
  ——- Bijkomende Scan ——-
  .
  uLocal Page = c:\windows\system32\blank.htm
  uDefault_Search_URL = hxxp://www.google.com/ie
  mLocal Page = c:\windows\SysWOW64\blank.htm
  uSearchAssistant = hxxp://www.google.com/ie
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
  IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
  IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
  IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
  TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
  FF - ProfilePath - c:\users\vlindermeisje\AppData\Roaming\Mozilla\Firefox\Profiles\aenfudpd.default\
  FF - prefs.js: network.proxy.type - 0
  .
  .
  ——————— VERGRENDELDE REGISTER SLEUTELS ———————
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  @Denied: (A 2) (Everyone)
  @="FlashBroker"
  "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil
 • The ComboFix log is not complete!

  But first do the following:

  Which program: "aswMBR.exe"
  What for/why: MBR rootkit scanner
  Difficulty: none
  Download location: Be sure to download this program to the desktop, or otherwise move it there!
  Download aswMBR.exe here.


  Using aswMBR.exe:
  * Windows 2000 and Windows XP: start "aswMBR.exe" by double-clicking "aswMBR.exe".
  * Windows Vista and Windows 7: start "aswMBR.exe" by right-clicking "aswMBR.exe" and choosing Run as administrator.

  * In the next window, click "No".
  http://www.imgdumper.nl/uploads4/4e4115af00b45/4e4115af00378-aswmbrno.png

  http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif
  * Now click the Scan button in the black window.
  * When the message "Scan finished successfully" appears, click the Save log button.
  http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif
  * The easiest option is simply to choose the desktop as the save location for the log.
  * You will now also find the file MBR.dat on the desktop!
  * MBR.dat is a backup file, so keep it for now.
  * Also on the desktop is a Notepad text document named aswMBR.txt.
  * Post the contents of aswMBR.txt in your next message.

  N.B.: make sure that external HDs/USB sticks are removed first.
 • I see it. I will post it again. I ran aswMBR.exe first:

  aswMBR:
  aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
  Run date: 2012-02-12 15:45:47
  —————————–
  15:45:47.905 OS Version: Windows x64 6.1.7601 Service Pack 1
  15:45:47.905 Number of processors: 4 586 0x2502
  15:45:47.905 ComputerName: vlindermeisje-LAPTOP UserName: vlindermeisje
  15:45:54.098 Initialize success
  15:45:55.643 AVAST engine defs: 12021200
  15:46:06.001 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
  15:46:06.001 Disk 0 Vendor: WDC_WD32 02.0 Size: 305245MB BusType: 3
  15:46:06.017 Disk 0 MBR read successfully
  15:46:06.017 Disk 0 MBR scan
  15:46:06.048 Disk 0 Windows 7 default MBR code
  15:46:06.063 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
  15:46:06.063 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
  15:46:06.079 Service scanning
  15:46:10.353 Modules scanning
  15:46:10.353 Disk 0 trace - called modules:
  15:46:10.385 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
  15:46:10.385 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800583f060]
  15:46:10.400 3 CLASSPNP.SYS[fffff88001b6b43f] -> nt!IofCallDriver -> [0xfffffa80056d9b10]
  15:46:10.416 5 hpdskflt.sys[fffff88001b12189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a14050]
  15:46:11.711 AVAST engine scan C:\Windows
  15:46:15.158 AVAST engine scan C:\Windows\system32
  15:49:45.072 AVAST engine scan C:\Windows\system32\drivers
  15:50:00.360 AVAST engine scan C:\Users\vlindermeisje
  15:59:09.668 AVAST engine scan C:\ProgramData
  15:59:49.979 Scan finished successfully
  16:00:51.693 Disk 0 MBR has been saved successfully to "C:\Users\vlindermeisje\Desktop\MBR.dat"
  16:00:51.708 The log file has been saved successfully to "C:\Users\vlindermeisje\Desktop\aswMBR.txt"

  combofix attempt 2:
  ComboFix 12-02-11.03 - vlindermeisje 12-02-2012 15:04:21.1.4 - x64
  Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1033.18.4023.247 [GMT 1:00]
  Gestart vanuit: c:\users\vlindermeisje\Desktop\ComboFix.exe
  AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
  SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
  SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  c:\users\vlindermeisje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3RVX.lnk
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2012-01-12 to 2012-02-12 ))))))))))))))))))))))))))))))
  .
  .
  2012-02-12 13:30 . 2012-02-12 13:34 ——– d—–w- C:\TDSSStarter
  2012-02-12 09:12 . 2012-02-12 09:12 ——– d—–w- c:\users\vlindermeisje\AppData\Local\ElevatedDiagnostics
  2012-02-12 09:11 . 2012-02-12 09:11 ——– d—–w- c:\users\vlindermeisje\AppData\Local\Diagnostics
  2012-02-11 05:36 . 2012-01-06 05:15 8602168 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3446D4C8-1BCA-4F85-B645-B8EDCD456BD4}\mpengine.dll
  2012-02-06 20:05 . 2012-02-06 20:05 ——– d—–w- c:\windows\system32\appmgmt
  2012-02-06 19:51 . 2012-02-06 19:51 ——– d—–w- c:\program files (x86)\ESET
  2012-02-06 19:26 . 2012-02-06 19:26 388096 —-a-r- c:\users\vlindermeisje\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2012-02-06 19:26 . 2012-02-06 19:26 ——– d—–w- c:\program files (x86)\Trend Micro
  2012-02-05 17:48 . 2011-11-28 17:53 304472 —-a-w- c:\windows\system32\drivers\aswSP.sys
  2012-02-05 17:48 . 2011-11-28 17:51 24408 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys
  2012-02-05 17:47 . 2011-11-28 17:52 42328 —-a-w- c:\windows\system32\drivers\aswRdr.sys
  2012-02-05 17:47 . 2011-11-28 17:52 58712 —-a-w- c:\windows\system32\drivers\aswTdi.sys
  2012-02-05 17:47 . 2011-11-28 17:54 591192 —-a-w- c:\windows\system32\drivers\aswSnx.sys
  2012-02-05 17:47 . 2011-11-28 17:52 66904 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys
  2012-02-05 17:44 . 2011-11-28 18:01 41184 —-a-w- c:\windows\avastSS.scr
  2012-02-05 17:44 . 2011-11-28 18:01 199816 —-a-w- c:\windows\SysWow64\aswBoot.exe
  2012-02-05 16:20 . 2012-02-06 20:15 ——– d—–w- c:\program files (x86)\Spybot - Search & Destroy
  2012-02-05 16:20 . 2012-02-06 20:15 ——– d—–w- c:\programdata\Spybot - Search & Destroy
  2012-02-05 08:34 . 2012-02-05 08:34 ——– d—–w- c:\users\vlindermeisje\AppData\Roaming\Malwarebytes
  2012-02-05 08:33 . 2012-02-05 08:33 ——– d—–w- c:\programdata\Malwarebytes
  2012-02-05 08:33 . 2012-02-05 08:33 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
  2012-02-05 08:33 . 2011-12-10 14:24 23152 —-a-w- c:\windows\system32\drivers\mbam.sys
  2012-02-03 14:17 . 2012-02-03 14:17 ——– d—–w- c:\users\vlindermeisje\Logitech
  2012-02-03 14:16 . 2012-02-03 14:17 ——– d—–w- c:\program files (x86)\Common Files\Remote Control Software Common
  2012-02-03 14:16 . 2012-02-03 14:16 ——– d—–w- c:\program files (x86)\Logitech
  2012-02-03 14:16 . 2012-02-03 14:16 ——– d—–w- c:\program files (x86)\Common Files\Remote Control USB Driver
  2012-02-03 14:15 . 2006-02-07 14:44 65024 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
  2012-02-03 14:15 . 2012-02-03 14:15 200836 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
  2012-02-03 14:15 . 2006-02-07 14:45 757760 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
  2012-02-03 14:15 . 2006-02-07 14:40 204800 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
  2012-02-03 14:15 . 2006-02-07 14:40 69715 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
  2012-02-03 14:15 . 2006-02-07 14:40 274432 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
  2012-02-03 14:15 . 2006-02-07 14:39 32768 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
  2012-02-03 14:15 . 2005-11-13 22:19 5632 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
  2012-02-03 14:15 . 2012-02-03 14:15 331908 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
  2012-01-28 10:20 . 2012-01-28 10:20 ——– d—–w- c:\users\vlindermeisje\VirtualBox VMs
  2012-01-28 10:19 . 2012-02-04 16:53 ——– d—–w- c:\users\vlindermeisje\.VirtualBox
  2012-01-28 10:18 . 2011-12-19 12:45 224048 —-a-w- c:\windows\system32\drivers\VBoxDrv.sys
  2012-01-28 10:18 . 2012-02-05 16:05 ——– dc—-w- c:\windows\system32\DRVSTORE
  2012-01-28 10:18 . 2011-12-19 12:45 130864 —-a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
  2012-01-27 19:25 . 2012-01-27 20:23 ——– d—–w- C:\android_root
  2012-01-27 18:18 . 2012-01-27 18:23 ——– d—–w- c:\users\vlindermeisje\.android
  2012-01-27 18:17 . 2012-01-27 18:17 ——– d—–w- c:\program files (x86)\Android
  2012-01-27 18:16 . 2012-02-05 16:05 ——– d—–w- c:\program files\Oracle
  2012-01-27 18:15 . 2011-11-08 18:40 750488 —-a-w- c:\windows\system32\npdeployJava1.dll
  2012-01-27 18:15 . 2011-11-08 18:40 660368 —-a-w- c:\windows\system32\deployJava1.dll
  2012-01-27 18:13 . 2012-01-27 18:15 ——– d—–w- c:\program files\Java
  2012-01-27 18:13 . 2012-02-06 18:41 ——– d—–w- c:\users\vlindermeisje\AppData\Local\Htc
  2012-01-27 18:13 . 2012-01-27 18:14 ——– d—–w- c:\users\vlindermeisje\AppData\Roaming\HTC
  2012-01-27 18:10 . 2012-01-27 18:10 ——– d—–w- c:\users\vlindermeisje\AppData\Local\Downloaded Installations
  2012-01-27 18:09 . 2012-01-27 18:09 ——– d—–w- c:\program files (x86)\Spirent Communications
  2012-01-27 18:09 . 2012-01-27 18:12 ——– d—–w- c:\program files (x86)\HTC
  2012-01-21 19:04 . 2012-01-25 17:54 ——– d—–w- c:\users\vlindermeisje\.freemind
  2012-01-21 19:04 . 2012-01-21 19:04 ——– d—–w- c:\program files (x86)\FreeMind
  2012-01-19 12:46 . 2012-01-19 12:46 ——– d—–w- c:\program files (x86)\KeyTweak
  2012-01-15 12:07 . 2012-02-12 07:47 ——– d—–r- c:\users\vlindermeisje\Dropbox
  2012-01-15 12:05 . 2012-02-12 07:47 ——– d—–w- c:\users\vlindermeisje\AppData\Roaming\Dropbox
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2012-01-26 23:52 . 2011-11-05 13:18 279656 ——w- c:\windows\system32\MpSigStub.exe
  2012-01-04 16:02 . 2012-01-04 16:02 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
  2011-12-19 12:45 . 2011-12-19 12:45 146736 —-a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
  2011-12-19 12:45 . 2011-12-19 12:45 117040 —-a-w- c:\windows\system32\drivers\VBoxUSB.sys
  2011-12-16 21:31 . 2011-03-28 17:36 18328 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  2011-12-14 22:26 . 2011-12-14 22:26 91648 —-a-w- c:\windows\system32\SetIEInstalledDate.exe
  2011-12-14 22:26 . 2011-12-14 22:26 89088 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe
  2011-12-14 22:26 . 2011-12-14 22:26 86528 —-a-w- c:\windows\SysWow64\iesysprep.dll
  2011-12-14 22:26 . 2011-12-14 22:26 85504 —-a-w- c:\windows\system32\iesetup.dll
  2011-12-14 22:26 . 2011-12-14 22:26 76800 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
  2011-12-14 22:26 . 2011-12-14 22:26 76800 —-a-w- c:\windows\system32\tdc.ocx
  2011-12-14 22:26 . 2011-12-14 22:26 74752 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
  2011-12-14 22:26 . 2011-12-14 22:26 74752 —-a-w- c:\windows\SysWow64\iesetup.dll
  2011-12-14 22:26 . 2011-12-14 22:26 63488 —-a-w- c:\windows\SysWow64\tdc.ocx
  2011-12-14 22:26 . 2011-12-14 22:26 603648 —-a-w- c:\windows\system32\vbscript.dll
  2011-12-14 22:26 . 2011-12-14 22:26 49664 —-a-w- c:\windows\system32\imgutil.dll
  2011-12-14 22:26 . 2011-12-14 22:26 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll
  2011-12-14 22:26 . 2011-12-14 22:26 48640 —-a-w- c:\windows\system32\mshtmler.dll
  2011-12-14 22:26 . 2011-12-14 22:26 448512 —-a-w- c:\windows\system32\html.iec
  2011-12-14 22:26 . 2011-12-14 22:26 420864 —-a-w- c:\windows\SysWow64\vbscript.dll
  2011-12-14 22:26 . 2011-12-14 22:26 367104 —-a-w- c:\windows\SysWow64\html.iec
  2011-12-14 22:26 . 2011-12-14 22:26 35840 —-a-w- c:\windows\SysWow64\imgutil.dll
  2011-12-14 22:26 . 2011-12-14 22:26 30720 —-a-w- c:\windows\system32\licmgr10.dll
  2011-12-14 22:26 . 2011-12-14 22:26 2382848 —-a-w- c:\windows\SysWow64\mshtml.tlb
  2011-12-14 22:26 . 2011-12-14 22:26 2382848 —-a-w- c:\windows\system32\mshtml.tlb
  2011-12-14 22:26 . 2011-12-14 22:26 23552 —-a-w- c:\windows\SysWow64\licmgr10.dll
  2011-12-14 22:26 . 2011-12-14 22:26 2309120 —-a-w- c:\windows\system32\jscript9.dll
  2011-12-14 22:26 . 2011-12-14 22:26 222208 —-a-w- c:\windows\system32\msls31.dll
  2011-12-14 22:26 . 2011-12-14 22:26 1798144 —-a-w- c:\windows\SysWow64\jscript9.dll
  2011-12-14 22:26 . 2011-12-14 22:26 173056 —-a-w- c:\windows\system32\ieUnatt.exe
  2011-12-14 22:26 . 2011-12-14 22:26 165888 —-a-w- c:\windows\system32\iexpress.exe
  2011-12-14 22:26 . 2011-12-14 22:26 161792 —-a-w- c:\windows\SysWow64\msls31.dll
  2011-12-14 22:26 . 2011-12-14 22:26 160256 —-a-w- c:\windows\system32\wextract.exe
  2011-12-14 22:26 . 2011-12-14 22:26 152064 —-a-w- c:\windows\SysWow64\wextract.exe
  2011-12-14 22:26 . 2011-12-14 22:26 150528 —-a-w- c:\windows\SysWow64\iexpress.exe
  2011-12-14 22:26 . 2011-12-14 22:26 1493504 —-a-w- c:\windows\system32\inetcpl.cpl
  2011-12-14 22:26 . 2011-12-14 22:26 142848 —-a-w- c:\windows\SysWow64\ieUnatt.exe
  2011-12-14 22:26 . 2011-12-14 22:26 1427456 —-a-w- c:\windows\SysWow64\inetcpl.cpl
  2011-12-14 22:26 . 2011-12-14 22:26 1390080 —-a-w- c:\windows\system32\wininet.dll
  2011-12-14 22:26 . 2011-12-14 22:26 135168 —-a-w- c:\windows\system32\IEAdvpack.dll
  2011-12-14 22:26 . 2011-12-14 22:26 12288 —-a-w- c:\windows\system32\mshta.exe
  2011-12-14 22:26 . 2011-12-14 22:26 11776 —-a-w- c:\windows\SysWow64\mshta.exe
  2011-12-14 22:26 . 2011-12-14 22:26 114176 —-a-w- c:\windows\system32\admparse.dll
  2011-12-14 22:26 . 2011-12-14 22:26 1127424 —-a-w- c:\windows\SysWow64\wininet.dll
  2011-12-14 22:26 . 2011-12-14 22:26 111616 —-a-w- c:\windows\system32\iesysprep.dll
  2011-12-14 22:26 . 2011-12-14 22:26 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll
  2011-12-14 22:26 . 2011-12-14 22:26 101888 —-a-w- c:\windows\SysWow64\admparse.dll
  2011-12-07 21:49 . 2011-12-07 21:49 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  2011-11-28 18:01 . 2011-11-05 13:23 256960 —-a-w- c:\windows\system32\aswBoot.exe
  2011-11-24 04:52 . 2011-12-14 18:05 3145216 —-a-w- c:\windows\system32\win32k.sys
  2011-11-20 10:09 . 2011-12-10 18:32 74752 —-a-w- c:\windows\SysWow64\ff_vfw.dll
  2011-11-19 14:58 . 2012-01-11 14:17 77312 —-a-w- c:\windows\system32\packager.dll
  2011-11-19 14:01 . 2012-01-11 14:17 67072 —-a-w- c:\windows\SysWow64\packager.dll
  2011-11-17 06:49 . 2012-01-12 19:50 152432 —-a-w- c:\windows\system32\drivers\ksecpkg.sys
  2011-11-17 06:49 . 2012-01-12 19:50 95600 —-a-w- c:\windows\system32\drivers\ksecdd.sys
  2011-11-17 06:44 . 2012-01-12 19:50 459232 —-a-w- c:\windows\system32\drivers\cng.sys
  2011-11-17 06:41 . 2012-01-11 14:17 1731920 —-a-w- c:\windows\system32\ntdll.dll
  2011-11-17 06:35 . 2012-01-12 19:50 395776 —-a-w- c:\windows\system32\webio.dll
  2011-11-17 06:35 . 2012-01-12 19:50 136192 —-a-w- c:\windows\system32\sspicli.dll
  2011-11-17 06:35 . 2012-01-12 19:50 29184 —-a-w- c:\windows\system32\sspisrv.dll
  2011-11-17 06:35 . 2012-01-12 19:50 340992 —-a-w- c:\windows\system32\schannel.dll
  2011-11-17 06:35 . 2012-01-12 19:50 28160 —-a-w- c:\windows\system32\secur32.dll
  2011-11-17 06:35 . 2012-01-12 19:50 1447936 —-a-w- c:\windows\system32\lsasrv.dll
  2011-11-17 06:33 . 2012-01-12 19:50 31232 —-a-w- c:\windows\system32\lsass.exe
  2011-11-17 05:38 . 2012-01-11 14:17 1292080 —-a-w- c:\windows\SysWow64\ntdll.dll
  2011-11-17 05:35 . 2012-01-12 19:50 314880 —-a-w- c:\windows\SysWow64\webio.dll
  2011-11-17 05:34 . 2012-01-12 19:50 224768 —-a-w- c:\windows\SysWow64\schannel.dll
  2011-11-17 05:34 . 2012-01-12 19:50 22016 —-a-w- c:\windows\SysWow64\secur32.dll
  2011-11-17 05:28 . 2012-01-12 19:50 96768 —-a-w- c:\windows\SysWow64\sspicli.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-10 738168]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
  "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
  .
  c:\users\vlindermeisje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  Dropbox.lnk - c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-1-18 24246216]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 136176]
  R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
  R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-11 1038088]
  R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 136176]
  R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
  R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
  R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
  R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
  R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
  R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
  R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
  R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
  R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
  R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
  S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
  S1 aswSnx;aswSnx; [x]
  S1 aswSP;aswSP; [x]
  S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2009-03-03 89600]
  S2 aswFsBlk;aswFsBlk; [x]
  S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
  S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
  S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-25 2214504]
  S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
  S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
  S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
  S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
  S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
  .
  .
  — Andere Services/Drivers In Geheugen —
  .
  *NewlyCreated* - 53620504
  *Deregistered* - 53620504
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
  2010-11-20 12:17 302592 —-a-w- c:\windows\System32\cmd.exe
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 13:24]
  .
  2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 13:24]
  .
  2012-02-01 c:\windows\Tasks\SyncBack Monthly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-11 c:\windows\Tasks\SyncBack Nightly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-11 c:\windows\Tasks\SyncBack School_dropbox.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-05 c:\windows\Tasks\SyncBack Weekly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  .
  ——— x86-64 ———–
  .
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  @="{472083B0-C522-11CF-8763-00608CC02F24}"
  [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  2011-11-28 18:01 134384 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-12-09 611896]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "LoadAppInit_DLLs"=0x0
  .
  ——- Bijkomende Scan ——-
  .
  uLocal Page = c:\windows\system32\blank.htm
  uDefault_Search_URL = hxxp://www.google.com/ie
  mLocal Page = c:\windows\SysWOW64\blank.htm
  uSearchAssistant = hxxp://www.google.com/ie
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
  IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
  IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
  IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
  TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
  FF - ProfilePath - c:\users\vlindermeisje\AppData\Roaming\Mozilla\Firefox\Profiles\aenfudpd.default\
  FF - prefs.js: network.proxy.type - 0
  .
  .
  ——————— VERGRENDELDE REGISTER SLEUTELS ———————
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  @Denied: (A 2) (Everyone)
  @="FlashBroker"
  "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  "Enabled"=dword:00000001
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  @Denied: (A 2) (Everyone)
  @="Shockwave Flash Object"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  "ThreadingModel"="Apartment"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  @="0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  @="ShockwaveFlash.ShockwaveFlash.10"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  @="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  @="ShockwaveFlash.ShockwaveFlash"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  @Denied: (A 2) (Everyone)
  @="Macromedia Flash Factory Object"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  "ThreadingModel"="Apartment"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  @="FlashFactory.FlashFactory.1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  @="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  @="FlashFactory.FlashFactory"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  @Denied: (A 2) (Everyone)
  @="IFlashBroker4"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  @="{00020424-0000-0000-C000-000000000046}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  "Version"="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  @Denied: (A) (Everyone)
  "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  @Denied: (A) (Everyone)
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  "Key"="ActionsPane3"
  "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
  "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  @Denied: (Full) (Everyone)
  .
  Voltooingstijd: 2012-02-12 15:21:18
  ComboFix-quarantined-files.txt 2012-02-12 14:21
  .
  Pre-Run: 11.856.023.552 bytes free
  Post-Run: 11.786.752.000 bytes free
  .
  - - End Of File - - 066145A7AA612E3BB173F290FA2C75B8
 • There is still a component of a previous Panda installation in your Windows.

  Make sure all open web browser windows are closed.
  Open a new Notepad file via "Start\All Programs\Accessories\Notepad".

  Copy and paste the following (bold, blue text) into the empty Notepad window

 • I have done that. I just don't understand what you mean by posting via the color coder. Here is the log:


  ComboFix 12-02-11.03 - vlindermeisje 12-02-2012 16:22:52.2.4 - x64
  Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1033.18.4023.2365 [GMT 1:00]
  Gestart vanuit: c:\users\vlindermeisje\Desktop\ComboFix.exe
  gebruikte Opdracht switches :: c:\users\vlindermeisje\Desktop\CFScript.txt
  AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
  SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
  SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  FILE ::
  "c:\windows\system32\drivers\pavboot64.sys"
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  c:\windows\system32\drivers\pavboot64.sys
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  ——-\Legacy_pavboot
  ——-\Service_pavboot
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2012-01-12 to 2012-02-12 ))))))))))))))))))))))))))))))
  .
  .
  2012-02-12 13:30 . 2012-02-12 13:34 ——– d—–w- C:\TDSSStarter
  2012-02-12 09:12 . 2012-02-12 09:12 ——– d—–w- c:\users\vlindermeisje\AppData\Local\ElevatedDiagnostics
  2012-02-12 09:11 . 2012-02-12 09:11 ——– d—–w- c:\users\vlindermeisje\AppData\Local\Diagnostics
  2012-02-11 05:36 . 2012-01-06 05:15 8602168 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3446D4C8-1BCA-4F85-B645-B8EDCD456BD4}\mpengine.dll
  2012-02-06 20:05 . 2012-02-06 20:05 ——– d—–w- c:\windows\system32\appmgmt
  2012-02-06 19:51 . 2012-02-06 19:51 ——– d—–w- c:\program files (x86)\ESET
  2012-02-06 19:26 . 2012-02-06 19:26 388096 —-a-r- c:\users\vlindermeisje\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2012-02-06 19:26 . 2012-02-06 19:26 ——– d—–w- c:\program files (x86)\Trend Micro
  2012-02-05 17:48 . 2011-11-28 17:53 304472 —-a-w- c:\windows\system32\drivers\aswSP.sys
  2012-02-05 17:48 . 2011-11-28 17:51 24408 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys
  2012-02-05 17:47 . 2011-11-28 17:52 42328 —-a-w- c:\windows\system32\drivers\aswRdr.sys
  2012-02-05 17:47 . 2011-11-28 17:52 58712 —-a-w- c:\windows\system32\drivers\aswTdi.sys
  2012-02-05 17:47 . 2011-11-28 17:54 591192 —-a-w- c:\windows\system32\drivers\aswSnx.sys
  2012-02-05 17:47 . 2011-11-28 17:52 66904 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys
  2012-02-05 17:44 . 2011-11-28 18:01 41184 —-a-w- c:\windows\avastSS.scr
  2012-02-05 17:44 . 2011-11-28 18:01 199816 —-a-w- c:\windows\SysWow64\aswBoot.exe
  2012-02-05 16:20 . 2012-02-06 20:15 ——– d—–w- c:\program files (x86)\Spybot - Search & Destroy
  2012-02-05 16:20 . 2012-02-06 20:15 ——– d—–w- c:\programdata\Spybot - Search & Destroy
  2012-02-05 08:34 . 2012-02-05 08:34 ——– d—–w- c:\users\vlindermeisje\AppData\Roaming\Malwarebytes
  2012-02-05 08:33 . 2012-02-05 08:33 ——– d—–w- c:\programdata\Malwarebytes
  2012-02-05 08:33 . 2012-02-05 08:33 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
  2012-02-05 08:33 . 2011-12-10 14:24 23152 —-a-w- c:\windows\system32\drivers\mbam.sys
  2012-02-03 14:17 . 2012-02-03 14:17 ——– d—–w- c:\users\vlindermeisje\Logitech
  2012-02-03 14:16 . 2012-02-03 14:17 ——– d—–w- c:\program files (x86)\Common Files\Remote Control Software Common
  2012-02-03 14:16 . 2012-02-03 14:16 ——– d—–w- c:\program files (x86)\Logitech
  2012-02-03 14:16 . 2012-02-03 14:16 ——– d—–w- c:\program files (x86)\Common Files\Remote Control USB Driver
  2012-02-03 14:15 . 2006-02-07 14:44 65024 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
  2012-02-03 14:15 . 2012-02-03 14:15 200836 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
  2012-02-03 14:15 . 2006-02-07 14:45 757760 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
  2012-02-03 14:15 . 2006-02-07 14:40 204800 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
  2012-02-03 14:15 . 2006-02-07 14:40 69715 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
  2012-02-03 14:15 . 2006-02-07 14:40 274432 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
  2012-02-03 14:15 . 2006-02-07 14:39 32768 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
  2012-02-03 14:15 . 2005-11-13 22:19 5632 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
  2012-02-03 14:15 . 2012-02-03 14:15 331908 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
  2012-01-28 10:20 . 2012-01-28 10:20 ——– d—–w- c:\users\vlindermeisje\VirtualBox VMs
  2012-01-28 10:19 . 2012-02-04 16:53 ——– d—–w- c:\users\vlindermeisje\.VirtualBox
  2012-01-28 10:18 . 2011-12-19 12:45 224048 —-a-w- c:\windows\system32\drivers\VBoxDrv.sys
  2012-01-28 10:18 . 2012-02-05 16:05 ——– dc—-w- c:\windows\system32\DRVSTORE
  2012-01-28 10:18 . 2011-12-19 12:45 130864 —-a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
  2012-01-27 19:25 . 2012-01-27 20:23 ——– d—–w- C:\android_root
  2012-01-27 18:18 . 2012-01-27 18:23 ——– d—–w- c:\users\vlindermeisje\.android
  2012-01-27 18:17 . 2012-01-27 18:17 ——– d—–w- c:\program files (x86)\Android
  2012-01-27 18:16 . 2012-02-05 16:05 ——– d—–w- c:\program files\Oracle
  2012-01-27 18:15 . 2011-11-08 18:40 750488 —-a-w- c:\windows\system32\npdeployJava1.dll
  2012-01-27 18:15 . 2011-11-08 18:40 660368 —-a-w- c:\windows\system32\deployJava1.dll
  2012-01-27 18:13 . 2012-01-27 18:15 ——– d—–w- c:\program files\Java
  2012-01-27 18:13 . 2012-02-06 18:41 ——– d—–w- c:\users\vlindermeisje\AppData\Local\Htc
  2012-01-27 18:13 . 2012-01-27 18:14 ——– d—–w- c:\users\vlindermeisje\AppData\Roaming\HTC
  2012-01-27 18:10 . 2012-01-27 18:10 ——– d—–w- c:\users\vlindermeisje\AppData\Local\Downloaded Installations
  2012-01-27 18:09 . 2012-01-27 18:09 ——– d—–w- c:\program files (x86)\Spirent Communications
  2012-01-27 18:09 . 2012-01-27 18:12 ——– d—–w- c:\program files (x86)\HTC
  2012-01-21 19:04 . 2012-01-25 17:54 ——– d—–w- c:\users\vlindermeisje\.freemind
  2012-01-21 19:04 . 2012-01-21 19:04 ——– d—–w- c:\program files (x86)\FreeMind
  2012-01-19 12:46 . 2012-01-19 12:46 ——– d—–w- c:\program files (x86)\KeyTweak
  2012-01-15 12:07 . 2012-02-12 07:47 ——– d—–r- c:\users\vlindermeisje\Dropbox
  2012-01-15 12:05 . 2012-02-12 07:47 ——– d—–w- c:\users\vlindermeisje\AppData\Roaming\Dropbox
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2012-01-26 23:52 . 2011-11-05 13:18 279656 ——w- c:\windows\system32\MpSigStub.exe
  2012-01-04 16:02 . 2012-01-04 16:02 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
  2011-12-19 12:45 . 2011-12-19 12:45 146736 —-a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
  2011-12-19 12:45 . 2011-12-19 12:45 117040 —-a-w- c:\windows\system32\drivers\VBoxUSB.sys
  2011-12-16 21:31 . 2011-03-28 17:36 18328 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  2011-12-14 22:26 . 2011-12-14 22:26 91648 —-a-w- c:\windows\system32\SetIEInstalledDate.exe
  2011-12-14 22:26 . 2011-12-14 22:26 89088 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe
  2011-12-14 22:26 . 2011-12-14 22:26 86528 —-a-w- c:\windows\SysWow64\iesysprep.dll
  2011-12-14 22:26 . 2011-12-14 22:26 85504 —-a-w- c:\windows\system32\iesetup.dll
  2011-12-14 22:26 . 2011-12-14 22:26 76800 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
  2011-12-14 22:26 . 2011-12-14 22:26 76800 —-a-w- c:\windows\system32\tdc.ocx
  2011-12-14 22:26 . 2011-12-14 22:26 74752 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
  2011-12-14 22:26 . 2011-12-14 22:26 74752 —-a-w- c:\windows\SysWow64\iesetup.dll
  2011-12-14 22:26 . 2011-12-14 22:26 63488 —-a-w- c:\windows\SysWow64\tdc.ocx
  2011-12-14 22:26 . 2011-12-14 22:26 603648 —-a-w- c:\windows\system32\vbscript.dll
  2011-12-14 22:26 . 2011-12-14 22:26 49664 —-a-w- c:\windows\system32\imgutil.dll
  2011-12-14 22:26 . 2011-12-14 22:26 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll
  2011-12-14 22:26 . 2011-12-14 22:26 48640 —-a-w- c:\windows\system32\mshtmler.dll
  2011-12-14 22:26 . 2011-12-14 22:26 448512 —-a-w- c:\windows\system32\html.iec
  2011-12-14 22:26 . 2011-12-14 22:26 420864 —-a-w- c:\windows\SysWow64\vbscript.dll
  2011-12-14 22:26 . 2011-12-14 22:26 367104 —-a-w- c:\windows\SysWow64\html.iec
  2011-12-14 22:26 . 2011-12-14 22:26 35840 —-a-w- c:\windows\SysWow64\imgutil.dll
  2011-12-14 22:26 . 2011-12-14 22:26 30720 —-a-w- c:\windows\system32\licmgr10.dll
  2011-12-14 22:26 . 2011-12-14 22:26 2382848 —-a-w- c:\windows\SysWow64\mshtml.tlb
  2011-12-14 22:26 . 2011-12-14 22:26 2382848 —-a-w- c:\windows\system32\mshtml.tlb
  2011-12-14 22:26 . 2011-12-14 22:26 23552 —-a-w- c:\windows\SysWow64\licmgr10.dll
  2011-12-14 22:26 . 2011-12-14 22:26 2309120 —-a-w- c:\windows\system32\jscript9.dll
  2011-12-14 22:26 . 2011-12-14 22:26 222208 —-a-w- c:\windows\system32\msls31.dll
  2011-12-14 22:26 . 2011-12-14 22:26 1798144 —-a-w- c:\windows\SysWow64\jscript9.dll
  2011-12-14 22:26 . 2011-12-14 22:26 173056 —-a-w- c:\windows\system32\ieUnatt.exe
  2011-12-14 22:26 . 2011-12-14 22:26 165888 —-a-w- c:\windows\system32\iexpress.exe
  2011-12-14 22:26 . 2011-12-14 22:26 161792 —-a-w- c:\windows\SysWow64\msls31.dll
  2011-12-14 22:26 . 2011-12-14 22:26 160256 —-a-w- c:\windows\system32\wextract.exe
  2011-12-14 22:26 . 2011-12-14 22:26 152064 —-a-w- c:\windows\SysWow64\wextract.exe
  2011-12-14 22:26 . 2011-12-14 22:26 150528 —-a-w- c:\windows\SysWow64\iexpress.exe
  2011-12-14 22:26 . 2011-12-14 22:26 1493504 —-a-w- c:\windows\system32\inetcpl.cpl
  2011-12-14 22:26 . 2011-12-14 22:26 142848 —-a-w- c:\windows\SysWow64\ieUnatt.exe
  2011-12-14 22:26 . 2011-12-14 22:26 1427456 —-a-w- c:\windows\SysWow64\inetcpl.cpl
  2011-12-14 22:26 . 2011-12-14 22:26 1390080 —-a-w- c:\windows\system32\wininet.dll
  2011-12-14 22:26 . 2011-12-14 22:26 135168 —-a-w- c:\windows\system32\IEAdvpack.dll
  2011-12-14 22:26 . 2011-12-14 22:26 12288 —-a-w- c:\windows\system32\mshta.exe
  2011-12-14 22:26 . 2011-12-14 22:26 11776 —-a-w- c:\windows\SysWow64\mshta.exe
  2011-12-14 22:26 . 2011-12-14 22:26 114176 —-a-w- c:\windows\system32\admparse.dll
  2011-12-14 22:26 . 2011-12-14 22:26 1127424 —-a-w- c:\windows\SysWow64\wininet.dll
  2011-12-14 22:26 . 2011-12-14 22:26 111616 —-a-w- c:\windows\system32\iesysprep.dll
  2011-12-14 22:26 . 2011-12-14 22:26 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll
  2011-12-14 22:26 . 2011-12-14 22:26 101888 —-a-w- c:\windows\SysWow64\admparse.dll
  2011-12-07 21:49 . 2011-12-07 21:49 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  2011-11-28 18:01 . 2011-11-05 13:23 256960 —-a-w- c:\windows\system32\aswBoot.exe
  2011-11-24 04:52 . 2011-12-14 18:05 3145216 —-a-w- c:\windows\system32\win32k.sys
  2011-11-20 10:09 . 2011-12-10 18:32 74752 —-a-w- c:\windows\SysWow64\ff_vfw.dll
  2011-11-19 14:58 . 2012-01-11 14:17 77312 —-a-w- c:\windows\system32\packager.dll
  2011-11-19 14:01 . 2012-01-11 14:17 67072 —-a-w- c:\windows\SysWow64\packager.dll
  2011-11-17 06:49 . 2012-01-12 19:50 152432 —-a-w- c:\windows\system32\drivers\ksecpkg.sys
  2011-11-17 06:49 . 2012-01-12 19:50 95600 —-a-w- c:\windows\system32\drivers\ksecdd.sys
  2011-11-17 06:44 . 2012-01-12 19:50 459232 —-a-w- c:\windows\system32\drivers\cng.sys
  2011-11-17 06:41 . 2012-01-11 14:17 1731920 —-a-w- c:\windows\system32\ntdll.dll
  2011-11-17 06:35 . 2012-01-12 19:50 395776 —-a-w- c:\windows\system32\webio.dll
  2011-11-17 06:35 . 2012-01-12 19:50 136192 —-a-w- c:\windows\system32\sspicli.dll
  2011-11-17 06:35 . 2012-01-12 19:50 29184 —-a-w- c:\windows\system32\sspisrv.dll
  2011-11-17 06:35 . 2012-01-12 19:50 340992 —-a-w- c:\windows\system32\schannel.dll
  2011-11-17 06:35 . 2012-01-12 19:50 28160 —-a-w- c:\windows\system32\secur32.dll
  2011-11-17 06:35 . 2012-01-12 19:50 1447936 —-a-w- c:\windows\system32\lsasrv.dll
  2011-11-17 06:33 . 2012-01-12 19:50 31232 —-a-w- c:\windows\system32\lsass.exe
  2011-11-17 05:38 . 2012-01-11 14:17 1292080 —-a-w- c:\windows\SysWow64\ntdll.dll
  2011-11-17 05:35 . 2012-01-12 19:50 314880 —-a-w- c:\windows\SysWow64\webio.dll
  2011-11-17 05:34 . 2012-01-12 19:50 224768 —-a-w- c:\windows\SysWow64\schannel.dll
  2011-11-17 05:34 . 2012-01-12 19:50 22016 —-a-w- c:\windows\SysWow64\secur32.dll
  2011-11-17 05:28 . 2012-01-12 19:50 96768 —-a-w- c:\windows\SysWow64\sspicli.dll
  .
  .
  ((((((((((((((((((((((((((((( SnapShot@2012-02-12_14.17.45 )))))))))))))))))))))))))))))))))))))))))
  .
  + 2009-07-14 05:10 . 2012-02-12 15:34 33706 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
  + 2011-11-05 13:30 . 2012-02-12 15:34 8662 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1447412775-543404776-4026076476-1000_UserData.bin
  - 2012-02-12 07:46 . 2012-02-12 07:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
  + 2012-02-12 15:32 . 2012-02-12 15:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
  - 2012-02-12 07:46 . 2012-02-12 07:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
  + 2012-02-12 15:32 . 2012-02-12 15:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
  - 2009-07-14 05:01 . 2012-02-11 21:07 480184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
  + 2009-07-14 05:01 . 2012-02-12 15:31 480184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
  + 2011-11-05 14:59 . 2012-02-12 15:31 33839820 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1447412775-543404776-4026076476-1000-8192.dat
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 94208 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-10 738168]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
  "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
  .
  c:\users\vlindermeisje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  Dropbox.lnk - c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-1-18 24246216]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 136176]
  R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
  R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-11 1038088]
  R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 136176]
  R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
  R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
  R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
  R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
  R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
  R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
  R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
  R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
  R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
  R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
  R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
  S1 aswSnx;aswSnx; [x]
  S1 aswSP;aswSP; [x]
  S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2009-03-03 89600]
  S2 aswFsBlk;aswFsBlk; [x]
  S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
  S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
  S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-25 2214504]
  S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
  S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
  S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
  S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
  .
  .
  — Andere Services/Drivers In Geheugen —
  .
  *NewlyCreated* - WS2IFSL
  .
  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
  2010-11-20 12:17 302592 —-a-w- c:\windows\System32\cmd.exe
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 13:24]
  .
  2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 13:24]
  .
  2012-02-01 c:\windows\Tasks\SyncBack Monthly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-11 c:\windows\Tasks\SyncBack Nightly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-11 c:\windows\Tasks\SyncBack School_dropbox.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  2012-02-05 c:\windows\Tasks\SyncBack Weekly.job
  - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-11-05 14:42]
  .
  .
  ——— x86-64 ———–
  .
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  @="{472083B0-C522-11CF-8763-00608CC02F24}"
  [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  2011-11-28 18:01 134384 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  2011-12-05 19:17 97792 —-a-w- c:\users\vlindermeisje\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-12-09 611896]
  "combofix"="c:\combofix\CF29422.3XE" [2010-11-20 345088]
  .
  ——- Bijkomende Scan ——-
  .
  uLocal Page = c:\windows\system32\blank.htm
  uDefault_Search_URL = hxxp://www.google.com/ie
  mLocal Page = c:\windows\SysWOW64\blank.htm
  uSearchAssistant = hxxp://www.google.com/ie
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
  IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
  IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
  IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
  TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
  FF - ProfilePath - c:\users\vlindermeisje\AppData\Roaming\Mozilla\Firefox\Profiles\aenfudpd.default\
  FF - prefs.js: network.proxy.type - 0
  .
  .
  ——————— VERGRENDELDE REGISTER SLEUTELS ———————
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  @Denied: (A 2) (Everyone)
  @="FlashBroker"
  "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  "Enabled"=dword:00000001
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  @Denied: (A 2) (Everyone)
  @="Shockwave Flash Object"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  "ThreadingModel"="Apartment"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  @="0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  @="ShockwaveFlash.ShockwaveFlash.10"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  @="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  @="ShockwaveFlash.ShockwaveFlash"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  @Denied: (A 2) (Everyone)
  @="Macromedia Flash Factory Object"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  "ThreadingModel"="Apartment"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  @="FlashFactory.FlashFactory.1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  @="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  @="FlashFactory.FlashFactory"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  @Denied: (A 2) (Everyone)
  @="IFlashBroker4"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  @="{00020424-0000-0000-C000-000000000046}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  "Version"="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  @Denied: (A) (Everyone)
  "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  @Denied: (A) (Everyone)
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  "Key"="ActionsPane3"
  "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
  "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  @Denied: (Full) (Everyone)
  .
  ———————— Andere Aktieve Processen ————————
  .
  c:\program files\AVAST Software\Avast\AvastSvc.exe
  c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
  c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
  .
  **************************************************************************
  .
  Voltooingstijd: 2012-02-12 16:48:35 - machine werd herstart
  ComboFix-quarantined-files.txt 2012-02-12 15:48
  ComboFix2.txt 2012-02-12 14:21
  .
  Pre-Run: 11.831.844.864 bytes free
  Post-Run: 11.630.362.624 bytes free
  .
  - - End Of File - - 0EBA08F9DC28C32FA252D84CF9B531A3
 • How did your Windows react to the latest ComboFix scan?
 • No real change. The virus scanner is currently recognized by Windows (but before this it sometimes was too, so I don't know yet whether that is solved). However, it remains extremely slow (about 75% of the time). Right now it is also very slow and sits at 94 to 99% physical memory use.
 • Then we move on to the next step:

  Download the […] to the desktop and unpack the ZIP file.

  * Open the folder "EmsisoftEmergencyKit" and double-click "Start.exe".
  * Now click "Emergency Kit Scanner". You will get a message that it is recommended to update first; allow this by clicking "Ja" (Yes).
  * When the update is finished and the message "Update process is succesvol afgerond" (update process completed successfully) appears, click "menu" and then "Scan PC".
  * Select the option "Diep" (Deep) if it is not already set that way by default.
  * Now click the "Scan" button and do nothing else on the computer during the scan. This scan can take a considerable time, so wait patiently.
  * You can close the window with the warning about an increased risk once the scan is finished.

  Note:

  If you see this message:

  C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK

  When the file is listed in the scan results window, you can right-click that detection and choose "Versturen als vals alarm (False Positive)".

  * Make sure all found items are checked and then press the "verwijder geselecteerde" (remove selected) button. You will now get the following message, but click "Ja" (Yes) here.
  * When the removal is finished, click the "View report" button and select the text file for this scan, with a name like: a2scan_110730-111615.txt
  * Paste the contents of this log file in your next post.
  * Now restart the computer.
 • Here is the log:


  Emsisoft Emergency Kit - Versie 1.0
  Laatste Update: 12-2-2012 20:44:50

  Scaninstellingen:

  Scantype: Diepe Scan
  Objecten: Geheugen, Sporen, Cookies, C:\
  Scan archieven: Aan
  Heuristieken: Uit
  ADS Scan: Aan

  Scan gestart: 12-2-2012 20:45:23

  C:\Users\vlindermeisje\Documents\Backups\Desktop\B&w\Black And White - Keygen.exe Ontdekt: Riskware.Keygen.BlackAnd.White!IK

  Gescand

  Bestanden: 1150982
  Sporen: 404391
  Cookies: 147
  Processen: 59

  Gevonden

  Bestanden: 1
  Sporen: 0
  Cookies: 0
  Processen: 0
  Registersleutels: 0

  Scan Geëindigd: 13-2-2012 0:23:10
  Scantijd: 3:37:47
 • Just got the message again that the virus scanner and Windows Defender are switched off. So that is still present as well.
 • The fact that you have at least used a keygen already says a lot about the problems!

  the ESET online scan (Click).
  * Click the ESET Online Scanner button
  * Check the box next to YES, I accept the Terms of Use
  * Click Start
  * Allow the ActiveX control to install.
  * Check the following options:
    * Remove found threats
    * Scan archives
  * Then click on
 • I think it's not that bad. That keygen is from at least 2 years ago (didn't even know it was still on there, it must have come along with a backup) and I have not used it on this installation (2 months old). So I can't imagine that it would suddenly cause problems out of nowhere after more than 2 years. But I could of course be mistaken. ;-)

  ESETSmartInstaller@High as downloader log:
  all ok
  # version=7
  # OnlineScannerApp.exe=1.0.0.1
  # OnlineScanner.ocx=1.0.0.6583
  # api_version=3.0.2
  # EOSSerial=13a10c0234825842bf34666a9b471ed6
  # end=finished
  # remove_checked=true
  # archives_checked=true
  # unwanted_checked=true
  # unsafe_checked=true
  # antistealth_checked=true
  # utc_time=2012-02-14 12:06:30
  # local_time=2012-02-14 01:06:30 (+0100, W. Europe Standard Time)
  # country="Netherlands"
  # lang=1033
  # osver=6.1.7601 NT Service Pack 1
  # compatibility_mode=512 16777215 100 0 613509 613509 0 0
  # compatibility_mode=5893 16776573 100 94 7529 80796165 0 0
  # compatibility_mode=8192 67108863 100 0 612039 612039 0 0
  # scanned=273242
  # found=0
  # cleaned=0
  # scan_time=11675
 • Hi vlindermeisje, regarding your remark about that keygen: I am glad that you have not used it.
  So then also completely remove those files with that keygen.

  And furthermore do not use keygens, cracks etc., so that you are not exposed to infections in Windows that way!

  A remark: Windows Defender is not necessary when using Avast!
 • I have indeed removed it in the meantime, also from all my backups. I indeed moved away from keygens quite a while ago.

  I have deactivated Windows Defender. I had already reinstalled Avast before posting this topic, but I will try this again to be sure.
 • Just post a new Hijack This log.
 • Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 20:04:05, on 16-2-2012
  Platform: Windows 7 SP1 (WinNT 6.00.3505)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\Users\vlindermeisje\AppData\Roaming\Dropbox\bin\Dropbox.exe
  C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
  c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
  C:\Program Files (x86)\uTorrent\uTorrent.exe
  C:\Program Files\AVAST Software\Avast\AvastUI.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Windows\SysWOW64\rundll32.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files\TrueCrypt\TrueCrypt.exe
  C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe
  C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
  C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
  O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
  O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
  O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
  O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
  O4 - HKUS\S-1-5-21-1447412775-543404776-4026076476-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
  O4 - HKUS\S-1-5-21-1447412775-543404776-4026076476-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
  O4 - Startup: Dropbox.lnk = vlindermeisje\AppData\Roaming\Dropbox\bin\Dropbox.exe
  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
  O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
  O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
  O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
  O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
  O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
  O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
  O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
  O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
  O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
  O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
  O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
  O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
  O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


  End of file - 12113 bytes
 • Looks good, only I am missing Avast WebRep.

  Are you still experiencing problems?
  If so, which ones exactly?
 • Still the same problems (slow, almost 100 percent memory use) and a new problem. Since yesterday, when pressing CTRL-ALT-DEL I get the message: "the logon process was unable to display security and logon options when CTRL + ALT + DELETE was pressed. If the operating system does not respond, press ESC or restart the computer by using the power switch."

  I'm starting to wonder whether my laptop isn't simply defective. Haven't been able to google the message yet because I am running a chkdsk and am typing this on a small phone.

This is an archived page. Replying is no longer possible.