Question & Answer
Isass.exe? and ports closed?
15 answers
- 1) I have Comodo as my firewall, and it reports that there is an active process:
(I use Windows 7)
c:\windows\system32\Isass.exe [956]
tcp luisteren op 49168
tcp luisteren op 49168
bytes in: 0
bytes out: 0
What kind of process is this? A virus or something like that?
The odd thing is that on this computer Isass.exe is listed as active, while on another computer of mine it is not. That one also runs Windows 7. Is that normal?
2) When I scan ports via PC Flank, PC Flank says that ports 135, 137, 138, 139 are closed. If I test these ports via GRC / ShieldsUP, all my ports are stealth. Strange. How is this possible? Could it have to do with my using a wireless printer, a Canon MP640? If I turn off wireless on my router, these ports are stealth!
By the way, I have the feeling that my computer is working just fine! But I wanted to ask these questions anyway. - It could be that the file has been modified by malware!
Because in my OnlineArmor the file does not appear as listening.
I would like you to follow the rules below during the fix: - .
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by Desktop1 at 16:28:06 on 2012-04-03
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.12031.10375 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
uRun: [<NO NAME>]
uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ"&"prod=90"&"ver=2012.0.1809"&"mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586
StartupFolder: C:\Users\Desktop1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SPAMIH~1.LNK - C:\Program Files (x86)\Spamihilator\spamihilator.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9459511D-A535-4795-A9E8-4BAB8490A8F6} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}
EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk"&"inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ"&"prod=90"&"ver=2012.0.1809"&"mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586
AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-3-29 301720]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-10-9 386344]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-8-27 156288]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys --> C:\Windows\system32\drivers\nmwcdnsucx64.sys [?]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys --> C:\Windows\system32\drivers\nmwcdnsux64.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-03-31 15:58:43 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\Malwarebytes
2012-03-31 15:58:37 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-31 15:58:37 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-31 15:58:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-31 13:28:53 -------- d--h--w- C:\ProgramData\CanonIJEGV
2012-03-29 14:48:54 43672 ----a-w- C:\Windows\System32\drivers\psmounter.sys
2012-03-29 14:48:54 13464 ----a-w- C:\Windows\System32\drivers\PSVolAcc.sys
2012-03-26 17:12:48 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\QuickScan
2012-03-18 18:56:05 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 18:56:05 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-16 20:06:12 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-16 20:06:12 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-16 20:06:12 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-16 20:06:12 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-16 20:06:09 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-16 20:06:09 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-16 20:06:08 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-16 20:06:08 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-16 20:06:08 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-16 20:06:08 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-03-16 20:06:08 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-13 18:31:58 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\Belastingdienst
2012-03-12 18:40:34 -------- d-----w- C:\Users\Desktop1\AppData\Roaming\f-secure
2012-03-12 18:40:26 -------- d-----w- C:\ProgramData\F-Secure
.
==================== Find3M ====================
.
2012-03-11 21:13:41 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-03-11 21:13:40 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2012-03-11 21:13:38 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-03-11 21:13:20 41200 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-03-11 21:13:18 301224 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-03-11 21:13:17 389840 ----a-w- C:\Windows\System32\guard64.dll
2012-03-02 08:38:15 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-22 14:33:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:28:28,49 ===============
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Databaseversie: v2012.04.03.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Desktop1 :: DESKTOP1-PC [administrator]
3-4-2012 16:31:35
mbam-log-2012-04-03 (16-31-35).txt
Scantype: Volledige scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 344588
Verstreken tijd: 16 minuut/minuten, 49 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde) - You may now do the following:
- Well, here they come: (thanks in advance for your help)
13:41:01.0981 4708 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
13:41:01.0982 4708 ============================================================
13:41:01.0982 4708 Current date / time: 2012/04/06 13:41:01.0982
13:41:01.0982 4708 SystemInfo:
13:41:01.0982 4708
13:41:01.0982 4708 OS Version: 6.1.7601 ServicePack: 1.0
13:41:01.0982 4708 Product type: Workstation
13:41:01.0982 4708 ComputerName: DESKTOP1-PC
13:41:01.0983 4708 UserName: Desktop1
13:41:01.0983 4708 Windows directory: C:\Windows
13:41:01.0983 4708 System windows directory: C:\Windows
13:41:01.0983 4708 Running under WOW64
13:41:01.0983 4708 Processor architecture: Intel x64
13:41:01.0983 4708 Number of processors: 4
13:41:01.0983 4708 Page size: 0x1000
13:41:01.0983 4708 Boot type: Normal boot
13:41:01.0983 4708 ============================================================
13:41:02.0245 4708 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:41:02.0246 4708 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:41:02.0250 4708 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:41:02.0285 4708 \Device\Harddisk0\DR0:
13:41:02.0285 4708 MBR used
13:41:02.0285 4708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:41:02.0285 4708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
13:41:02.0285 4708 \Device\Harddisk1\DR1:
13:41:02.0285 4708 MBR used
13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31E000
13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x30D40000
13:41:02.0285 4708 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3D091000, BlocksNum 0x37675000
13:41:02.0285 4708 \Device\Harddisk2\DR2:
13:41:02.0291 4708 MBR used
13:41:02.0291 4708 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
13:41:02.0332 4708 Initialize success
13:41:02.0332 4708 ============================================================
13:41:02.0362 3556 ============================================================
13:41:02.0362 3556 Scan started
13:41:02.0362 3556 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
13:41:02.0362 3556 ============================================================
13:41:06.0291 3556 elxstor - ok
13:41:06.0305 3556 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:41:06.0318 3556 ErrDev - ok
13:41:06.0333 3556 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:41:06.0368 3556 EventSystem - ok
13:41:06.0383 3556 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:41:06.0415 3556 exfat - ok
13:41:06.0430 3556 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:41:06.0463 3556 fastfat - ok
13:41:06.0480 3556 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:41:06.0500 3556 Fax - ok
13:41:06.0514 3556 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:41:06.0527 3556 fdc - ok
13:41:06.0538 3556 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:41:06.0569 3556 fdPHost - ok
13:41:06.0580 3556 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:41:06.0611 3556 FDResPub - ok
13:41:06.0625 3556 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:41:06.0637 3556 FileInfo - ok
13:41:06.0650 3556 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:41:06.0681 3556 Filetrace - ok
13:41:06.0690 3556 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:41:06.0732 3556 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:41:06.0732 3556 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:41:06.0746 3556 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:41:06.0759 3556 flpydisk - ok
13:41:06.0775 3556 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:41:06.0790 3556 FltMgr - ok
13:41:06.0809 3556 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
13:41:06.0851 3556 FontCache - ok
13:41:06.0857 3556 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:41:06.0867 3556 FontCache3.0.0.0 - ok
13:41:06.0881 3556 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:41:06.0892 3556 FsDepends - ok
13:41:06.0906 3556 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:41:06.0917 3556 Fs_Rec - ok
13:41:06.0932 3556 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:41:06.0948 3556 fvevol - ok
13:41:06.0962 3556 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:41:06.0974 3556 gagp30kx - ok
13:41:06.0991 3556 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:41:07.0028 3556 gpsvc - ok
13:41:07.0043 3556 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:41:07.0057 3556 hcw85cir - ok
13:41:07.0074 3556 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:41:07.0093 3556 HdAudAddService - ok
13:41:07.0108 3556 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:41:07.0123 3556 HDAudBus - ok
13:41:07.0137 3556 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:41:07.0150 3556 HidBatt - ok
13:41:07.0164 3556 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:41:07.0180 3556 HidBth - ok
13:41:07.0194 3556 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:41:07.0210 3556 HidIr - ok
13:41:07.0220 3556 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:41:07.0251 3556 hidserv - ok
13:41:07.0266 3556 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
13:41:07.0279 3556 HidUsb - ok
13:41:07.0290 3556 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:41:07.0320 3556 hkmsvc - ok
13:41:07.0333 3556 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:41:07.0349 3556 HomeGroupListener - ok
13:41:07.0361 3556 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:41:07.0376 3556 HomeGroupProvider - ok
13:41:07.0391 3556 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:41:07.0402 3556 HpSAMD - ok
13:41:07.0419 3556 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:41:07.0457 3556 HTTP - ok
13:41:07.0471 3556 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:41:07.0481 3556 hwpolicy - ok
13:41:07.0496 3556 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:41:07.0510 3556 i8042prt - ok
13:41:07.0527 3556 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
13:41:07.0543 3556 iaStorV - ok
13:41:07.0555 3556 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:41:07.0576 3556 idsvc - ok
13:41:07.0591 3556 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:41:07.0602 3556 iirsp - ok
13:41:07.0619 3556 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:41:07.0658 3556 IKEEXT - ok
13:41:07.0673 3556 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys
13:41:07.0684 3556 inspect - ok
13:41:07.0717 3556 IntcAzAudAddService (f5872a11eb4f6db170d636cd4e53ca9f) C:\Windows\system32\drivers\RTKVHD64.sys
13:41:07.0772 3556 IntcAzAudAddService - ok
13:41:07.0786 3556 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:41:07.0796 3556 intelide - ok
13:41:07.0810 3556 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:41:07.0824 3556 intelppm - ok
13:41:07.0836 3556 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:41:07.0867 3556 IPBusEnum - ok
13:41:07.0881 3556 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:41:07.0912 3556 IpFilterDriver - ok
13:41:07.0927 3556 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:41:07.0962 3556 iphlpsvc - ok
13:41:07.0976 3556 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:41:07.0990 3556 IPMIDRV - ok
13:41:08.0004 3556 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:41:08.0036 3556 IPNAT - ok
13:41:08.0050 3556 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:41:08.0072 3556 IRENUM - ok
13:41:08.0085 3556 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:41:08.0096 3556 isapnp - ok
13:41:08.0111 3556 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:41:08.0125 3556 iScsiPrt - ok
13:41:08.0140 3556 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
13:41:08.0151 3556 kbdclass - ok
13:41:08.0165 3556 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:41:08.0178 3556 kbdhid - ok
13:41:08.0189 3556 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:41:08.0201 3556 KeyIso - ok
13:41:08.0215 3556 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:41:08.0227 3556 KSecDD - ok
13:41:08.0242 3556 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:41:08.0254 3556 KSecPkg - ok
13:41:08.0268 3556 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:41:08.0299 3556 ksthunk - ok
13:41:08.0312 3556 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:41:08.0348 3556 KtmRm - ok
13:41:08.0361 3556 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:41:08.0393 3556 LanmanServer - ok
13:41:08.0405 3556 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:41:08.0436 3556 LanmanWorkstation - ok
13:41:08.0451 3556 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:41:08.0483 3556 lltdio - ok
13:41:08.0496 3556 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:41:08.0531 3556 lltdsvc - ok
13:41:08.0543 3556 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:41:08.0573 3556 lmhosts - ok
13:41:08.0588 3556 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:41:08.0600 3556 LSI_FC - ok
13:41:08.0614 3556 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:41:08.0626 3556 LSI_SAS - ok
13:41:08.0641 3556 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:41:08.0652 3556 LSI_SAS2 - ok
13:41:08.0667 3556 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:41:08.0679 3556 LSI_SCSI - ok
13:41:08.0694 3556 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:41:08.0726 3556 luafv - ok
13:41:08.0738 3556 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:41:08.0752 3556 Mcx2Svc - ok
13:41:08.0766 3556 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:41:08.0777 3556 megasas - ok
13:41:08.0792 3556 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:41:08.0807 3556 MegaSR - ok
13:41:08.0814 3556 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:41:08.0825 3556 Microsoft Office Groove Audit Service - ok
13:41:08.0836 3556 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:41:08.0867 3556 MMCSS - ok
13:41:08.0881 3556 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:41:08.0912 3556 Modem - ok
13:41:08.0926 3556 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:41:08.0940 3556 monitor - ok
13:41:08.0954 3556 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
13:41:08.0966 3556 mouclass - ok
13:41:08.0980 3556 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:41:08.0993 3556 mouhid - ok
13:41:09.0007 3556 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:41:09.0020 3556 mountmgr - ok
13:41:09.0033 3556 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:41:09.0046 3556 mpio - ok
13:41:09.0060 3556 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:41:09.0091 3556 mpsdrv - ok
13:41:09.0109 3556 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:41:09.0147 3556 MpsSvc - ok
13:41:09.0162 3556 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:41:09.0180 3556 MRxDAV - ok
13:41:09.0195 3556 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:41:09.0210 3556 mrxsmb - ok
13:41:09.0226 3556 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:41:09.0242 3556 mrxsmb10 - ok
13:41:09.0308 3556 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:41:09.0328 3556 mrxsmb20 - ok
13:41:09.0341 3556 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:41:09.0352 3556 msahci - ok
13:41:09.0367 3556 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:41:09.0379 3556 msdsm - ok
13:41:09.0391 3556 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:41:09.0406 3556 MSDTC - ok
13:41:09.0420 3556 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:41:09.0451 3556 Msfs - ok
13:41:09.0464 3556 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:41:09.0495 3556 mshidkmdf - ok
13:41:09.0508 3556 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:41:09.0519 3556 msisadrv - ok
13:41:09.0531 3556 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:41:09.0564 3556 MSiSCSI - ok
13:41:09.0574 3556 msiserver - ok
13:41:09.0588 3556 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:41:09.0619 3556 MSKSSRV - ok
13:41:09.0632 3556 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:41:09.0663 3556 MSPCLOCK - ok
13:41:09.0676 3556 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:41:09.0707 3556 MSPQM - ok
13:41:09.0724 3556 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:41:09.0740 3556 MsRPC - ok
13:41:09.0754 3556 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:41:09.0764 3556 mssmbios - ok
13:41:09.0778 3556 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:41:09.0809 3556 MSTEE - ok
13:41:09.0822 3556 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:41:09.0835 3556 MTConfig - ok
13:41:09.0849 3556 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:41:09.0860 3556 Mup - ok
13:41:09.0875 3556 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:41:09.0910 3556 napagent - ok
13:41:09.0927 3556 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:41:09.0946 3556 NativeWifiP - ok
13:41:09.0968 3556 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:41:09.0991 3556 NDIS - ok
13:41:10.0005 3556 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:41:10.0037 3556 NdisCap - ok
13:41:10.0051 3556 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:41:10.0081 3556 NdisTapi - ok
13:41:10.0095 3556 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:41:10.0125 3556 Ndisuio - ok
13:41:10.0140 3556 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:41:10.0171 3556 NdisWan - ok
13:41:10.0185 3556 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:41:10.0215 3556 NDProxy - ok
13:41:10.0229 3556 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:41:10.0260 3556 NetBIOS - ok
13:41:10.0275 3556 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:41:10.0307 3556 NetBT - ok
13:41:10.0318 3556 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:41:10.0331 3556 Netlogon - ok
13:41:10.0345 3556 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:41:10.0379 3556 Netman - ok
13:41:10.0395 3556 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:41:10.0430 3556 netprofm - ok
13:41:10.0437 3556 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:41:10.0463 3556 NetTcpPortSharing - ok
13:41:10.0477 3556 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:41:10.0488 3556 nfrd960 - ok
13:41:10.0502 3556 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:41:10.0534 3556 NlaSvc - ok
13:41:10.0549 3556 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
13:41:10.0574 3556 nmwcd - ok
13:41:10.0588 3556 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys
13:41:10.0610 3556 nmwcdc - ok
13:41:10.0624 3556 nmwcdnsucx64 (a962be6433ef016e0dfb52eca15a5378) C:\Windows\system32\drivers\nmwcdnsucx64.sys
13:41:10.0646 3556 nmwcdnsucx64 - ok
13:41:10.0662 3556 nmwcdnsux64 (9573223e205907247ae6d948e3453770) C:\Windows\system32\drivers\nmwcdnsux64.sys
13:41:10.0686 3556 nmwcdnsux64 - ok
13:41:10.0700 3556 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:41:10.0730 3556 Npfs - ok
13:41:10.0742 3556 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:41:10.0772 3556 nsi - ok
13:41:10.0786 3556 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:41:10.0817 3556 nsiproxy - ok
13:41:10.0848 3556 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
13:41:10.0882 3556 Ntfs - ok
13:41:10.0898 3556 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:41:10.0928 3556 Null - ok
13:41:10.0943 3556 nusb3hub (088cd71003f21f96f01c63955150a1fb) C:\Windows\system32\DRIVERS\nusb3hub.sys
13:41:10.0955 3556 nusb3hub - ok
13:41:10.0970 3556 nusb3xhc (d90a2d44e93daea47aea946d9e87000f) C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:41:10.0983 3556 nusb3xhc - ok
13:41:10.0999 3556 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
13:41:11.0011 3556 nvraid - ok
13:41:11.0026 3556 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
13:41:11.0039 3556 nvstor - ok
13:41:11.0054 3556 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:41:11.0066 3556 nv_agp - ok
13:41:11.0074 3556 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:41:11.0090 3556 odserv - ok
13:41:11.0105 3556 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:41:11.0118 3556 ohci1394 - ok
13:41:11.0125 3556 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:41:11.0136 3556 ose - ok
13:41:11.0151 3556 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:41:11.0169 3556 p2pimsvc - ok
13:41:11.0184 3556 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:41:11.0201 3556 p2psvc - ok
13:41:11.0216 3556 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:41:11.0229 3556 Parport - ok
13:41:11.0244 3556 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:41:11.0255 3556 partmgr - ok
13:41:11.0268 3556 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:41:11.0286 3556 PcaSvc - ok
13:41:11.0299 3556 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
13:41:11.0320 3556 pccsmcfd - ok
13:41:11.0335 3556 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:41:11.0348 3556 pci - ok
13:41:11.0362 3556 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:41:11.0372 3556 pciide - ok
13:41:11.0387 3556 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:41:11.0401 3556 pcmcia - ok
13:41:11.0415 3556 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:41:11.0426 3556 pcw - ok
13:41:11.0444 3556 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:41:11.0482 3556 PEAUTH - ok
13:41:11.0506 3556 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
13:41:11.0534 3556 PeerDistSvc - ok
13:41:11.0546 3556 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:41:11.0560 3556 PerfHost - ok
13:41:11.0584 3556 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:41:11.0629 3556 pla - ok
13:41:11.0644 3556 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:41:11.0662 3556 PlugPlay - ok
13:41:11.0673 3556 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:41:11.0687 3556 PNRPAutoReg - ok
13:41:11.0700 3556 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:41:11.0715 3556 PNRPsvc - ok
13:41:11.0730 3556 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:41:11.0764 3556 PolicyAgent - ok
13:41:11.0777 3556 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:41:11.0810 3556 Power - ok
13:41:11.0825 3556 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:41:11.0855 3556 PptpMiniport - ok
13:41:11.0869 3556 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:41:11.0883 3556 Processor - ok
13:41:11.0896 3556 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
13:41:11.0928 3556 ProfSvc - ok
13:41:11.0940 3556 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:41:11.0952 3556 ProtectedStorage - ok
13:41:11.0967 3556 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:41:11.0998 3556 Psched - ok
13:41:12.0012 3556 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys
13:41:12.0022 3556 PxHlpa64 - ok
13:41:12.0047 3556 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:41:12.0079 3556 ql2300 - ok
13:41:12.0094 3556 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:41:12.0106 3556 ql40xx - ok
13:41:12.0119 3556 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:41:12.0138 3556 QWAVE - ok
13:41:12.0152 3556 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:41:12.0168 3556 QWAVEdrv - ok
13:41:12.0182 3556 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:41:12.0213 3556 RasAcd - ok
13:41:12.0227 3556 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:41:12.0258 3556 RasAgileVpn - ok
13:41:12.0272 3556 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:41:12.0304 3556 RasAuto - ok
13:41:12.0319 3556 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:41:12.0349 3556 Rasl2tp - ok
13:41:12.0363 3556 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:41:12.0396 3556 RasMan - ok
13:41:12.0411 3556 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:41:12.0444 3556 RasPppoe - ok
13:41:12.0458 3556 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:41:12.0490 3556 RasSstp - ok
13:41:12.0506 3556 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:41:12.0538 3556 rdbss - ok
13:41:12.0553 3556 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:41:12.0568 3556 rdpbus - ok
13:41:12.0581 3556 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:41:12.0612 3556 RDPCDD - ok
13:41:12.0628 3556 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
13:41:12.0642 3556 RDPDR - ok
13:41:12.0657 3556 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:41:12.0687 3556 RDPENCDD - ok
13:41:12.0703 3556 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:41:12.0733 3556 RDPREFMP - ok
13:41:12.0750 3556 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
13:41:12.0763 3556 RdpVideoMiniport - ok
13:41:12.0779 3556 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
13:41:12.0806 3556 RDPWD - ok
13:41:12.0822 3556 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:41:12.0835 3556 rdyboost - ok
13:41:12.0843 3556 ReflectService.exe (943ade1dd6789432419a87bb85884322) C:\Program Files\Macrium\Reflect\ReflectService.exe
13:41:12.0857 3556 ReflectService.exe - ok
13:41:12.0869 3556 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:41:12.0901 3556 RemoteAccess - ok
13:41:12.0914 3556 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:41:12.0947 3556 RemoteRegistry - ok
13:41:12.0956 3556 RichVideo64 (0b169fe016039571ecc6db70073f8979) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
13:41:12.0970 3556 RichVideo64 - ok
13:41:12.0982 3556 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:41:13.0013 3556 RpcEptMapper - ok
13:41:13.0025 3556 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:41:13.0038 3556 RpcLocator - ok
13:41:13.0053 3556 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:41:13.0087 3556 RpcSs - ok
13:41:13.0101 3556 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:41:13.0133 3556 rspndr - ok
13:41:13.0150 3556 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:41:13.0175 3556 RTL8167 - ok
13:41:13.0189 3556 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
13:41:13.0202 3556 s3cap - ok
13:41:13.0214 3556 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:41:13.0226 3556 SamSs - ok
13:41:13.0232 3556 SbieDrv (742112ce7abb11dc17a561b4291be9c6) C:\Program Files\Sandboxie\SbieDrv.sys
13:41:13.0256 3556 SbieDrv - ok
13:41:13.0261 3556 SbieSvc (2419ed7e333b2bc2f81e50a6f5923fc6) C:\Program Files\Sandboxie\SbieSvc.exe
13:41:13.0271 3556 SbieSvc - ok
13:41:13.0286 3556 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:41:13.0298 3556 sbp2port - ok
13:41:13.0311 3556 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:41:13.0347 3556 SCardSvr - ok
13:41:13.0361 3556 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:41:13.0391 3556 scfilter - ok
13:41:13.0410 3556 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:41:13.0452 3556 Schedule - ok
13:41:13.0464 3556 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:41:13.0493 3556 SCPolicySvc - ok
13:41:13.0506 3556 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:41:13.0522 3556 SDRSVC - ok
13:41:13.0536 3556 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:41:13.0566 3556 secdrv - ok
13:41:13.0578 3556 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:41:13.0608 3556 seclogon - ok
13:41:13.0620 3556 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:41:13.0652 3556 SENS - ok
13:41:13.0664 3556 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:41:13.0678 3556 SensrSvc - ok
13:41:13.0693 3556 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:41:13.0706 3556 Serenum - ok
13:41:13.0721 3556 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:41:13.0735 3556 Serial - ok
13:41:13.0750 3556 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:41:13.0763 3556 sermouse - ok
13:41:13.0773 3556 ServiceLayer (668043f192ab9659761a349a4703600d) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
13:41:13.0792 3556 ServiceLayer - ok
13:41:13.0807 3556 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:41:13.0839 3556 SessionEnv - ok
13:41:13.0853 3556 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:41:13.0869 3556 sffdisk - ok
13:41:18.0578 3556 ============================================================
13:41:18.0578 3556 Scan finished
13:41:18.0578 3556 ============================================================
13:41:19.0120 4804 Deinitialize success
==============================================
System Restore Point Check:
TDSSKiller Starter Restore Point Created Succesfully
==============================================
EOF
…………………………………………..
ComboFix 12-04-04.02 - Desktop1 06-04-2012 13:49:28.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.12031.10858 [GMT 2:00]
Gestart vanuit: c:\users\Desktop1\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\install.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-03-06 to 2012-04-06 ))))))))))))))))))))))))))))))
.
.
2012-04-06 11:40 . 2012-04-06 11:41 -------- d-----w- C:\TDSSStarter
2012-04-06 11:02 . 2012-04-06 11:02 -------- d-----w- C:\archive_db
2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\backup
2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\explauncher
2012-04-06 10:58 . 2012-04-06 10:58 -------- d-----w- c:\programdata\launcher
2012-04-06 10:57 . 2012-04-06 10:57 -------- d-----w- c:\program files (x86)\Paragon Software
2012-04-06 09:27 . 2012-04-06 09:28 -------- d-----w- c:\program files (x86)\Scan Assistant
2012-04-06 09:27 . 2012-04-06 09:27 -------- d-----w- c:\program files\Common Files\Common Desktop Agent
2012-04-06 09:27 . 2012-04-06 09:27 -------- d-----w- c:\program files (x86)\Common Files\Common Desktop Agent
2012-04-06 09:26 . 2012-04-06 09:27 -------- d-----w- c:\program files (x86)\Samsung
2012-04-05 19:30 . 2012-04-06 09:27 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Samsung
2012-04-05 19:29 . 2011-12-20 10:53 149880 ----a-w- c:\windows\Wiainst64.exe
2012-04-05 19:29 . 2011-03-21 08:37 49152 ----a-r- c:\windows\SysWow64\Ssusbpn.dll
2012-04-05 19:29 . 2011-03-21 08:37 43520 ----a-r- c:\windows\system32\Ssusbp64.dll
2012-04-05 19:29 . 2011-03-18 05:49 323072 ----a-r- c:\windows\system32\SaMinDrv.dll
2012-04-05 19:29 . 2011-03-18 05:49 123904 ----a-r- c:\windows\system32\SaImgFlt.dll
2012-04-05 19:29 . 2011-03-18 05:49 55296 ----a-r- c:\windows\system32\SaErHdlr.dll
2012-04-05 19:29 . 2012-04-06 09:27 -------- d-----w- c:\programdata\Samsung
2012-04-05 19:29 . 2011-05-02 04:40 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\ssm1mpc.dll
2012-04-05 19:28 . 2011-05-02 04:40 34304 ----a-w- c:\windows\system32\ssm1mlm.dll
2012-04-05 19:28 . 2011-03-22 08:31 151552 ----a-w- c:\windows\system32\ssm1mci.exe
2012-04-05 19:28 . 2011-03-22 08:31 89600 ----a-w- c:\windows\system32\ssm1mci.dll
2012-04-05 06:15 . 2012-04-05 06:15 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Malwarebytes
2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-31 15:58 . 2012-03-31 15:58 -------- d-----w- c:\programdata\Malwarebytes
2012-03-31 15:58 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 13:28 . 2012-03-31 13:28 -------- d--h--w- c:\programdata\CanonIJEGV
2012-03-29 14:48 . 2012-03-29 14:29 13464 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2012-03-29 14:48 . 2012-03-29 14:29 43672 ----a-w- c:\windows\system32\drivers\psmounter.sys
2012-03-26 17:12 . 2012-04-05 06:34 -------- d-----w- c:\users\Desktop1\AppData\Roaming\QuickScan
2012-03-18 18:56 . 2012-03-18 18:56 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 18:56 . 2012-03-18 18:56 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-16 20:06 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-16 20:06 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-16 20:06 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-16 20:06 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-16 20:06 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-16 20:06 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-16 20:06 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-16 20:06 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-16 20:06 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-16 20:06 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-16 20:06 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-13 18:31 . 2012-03-13 19:50 -------- d-----w- c:\users\Desktop1\AppData\Roaming\Belastingdienst
2012-03-12 18:40 . 2012-03-12 18:40 -------- d-----w- c:\users\Desktop1\AppData\Roaming\f-secure
2012-03-12 18:40 . 2012-03-12 18:40 -------- d-----w- c:\programdata\F-Secure
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-05 06:15 . 2011-09-21 14:20 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-11 21:13 . 2011-06-30 07:38 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-03-11 21:13 . 2011-06-30 07:38 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-03-11 21:13 . 2011-06-30 07:38 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-03-11 21:13 . 2011-10-21 11:23 41200 ----a-w- c:\windows\system32\cmdcsr.dll
2012-03-11 21:13 . 2011-06-30 07:37 301224 ----a-w- c:\windows\SysWow64\guard32.dll
2012-03-11 21:13 . 2011-06-30 07:37 389840 ----a-w- c:\windows\system32\guard64.dll
2012-03-02 08:38 . 2011-09-27 15:04 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-08-27 638736]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-03-30 113296]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=NFVXV1UtV0JEWEMtVllGTjMtUURKTUgtNDJBT0EtSzZIVTk&inst=NzctNzMxNzQ3NjkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ&prod=90&ver=2012.0.1809&mid=976a9517da6947d1bcbe6de7838a48a8-9f94b7e529eeb543e61c8400f77cb52237492586" [?]
.
c:\users\Desktop1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2011-11-10 2430464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 253600]
R3 cpuz134;cpuz134;c:\users\Desktop1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2012-03-29 301720]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
Inhoud van de 'Gedeelde Taken' map
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 06:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-21 11057768]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Desktop1\AppData\Roaming\Mozilla\Firefox\Profiles\wx8rcqhc.default\
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"v5Licence0"="15-ZPW3-5BEC-7GJ2-91R9-ME4S-MP2VRN5"
"Activated"="Y"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-04-06 13:57:50 - machine werd herstart
ComboFix-quarantined-files.txt 2012-04-06 11:57
.
Pre-Run: 58.772.000.768 bytes beschikbaar
Post-Run: 58.489.098.240 bytes beschikbaar
.
- - End Of File - - 1F7B1C9D50606E665582D3C08C13A30E
- Have you tried F-Secure as a demo version?
I regularly use F-Secure as an online scanner alongside AVG.
Should I nevertheless follow your further instructions with clearjavacache::?
And have you been able to find anything else in connection with lsass.exe?
Thanks,
- I also clean my computer with CCleaner. Can you also set it up so that it removes the cache? There is something about cache under Advanced: DNS cache, system tray cache and font cache. Or am I mixing things up now?
- Have you tried F-Secure as a demo version?
Make sure all open web browser windows are closed.
Open a new Kladblok (Notepad) file via "Start\Alle programma’s\Bureau-accessoires\Kladblok (or Notepad)".
Copy and paste the following (bold, blue text) into the empty Notepad window
- Indeed, just leave out the ComboFix script if it only concerns the F-Secure online scanner.
As for those folders: just let Windows manage them.
Run the ESET online scan (click).
* Click the "ESET Online Scanner" button
* Tick "YES, I accept the Terms of Use"
* Click "Start"
* Allow the ActiveX control to install.
* Tick the following options:
  * "Remove found threats"
  * "Scan archives"
* Then click on
- Here are the results:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3604d7a1a4f26d40bd5b0c4643b9ff63
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-04-08 08:01:25
# local_time=2012-04-08 10:01:25 (+0100, West-Europa (zomertijd))
# country="Netherlands"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 17297759 17297759 0 0
# compatibility_mode=3073 16777213 80 71 2330076 9593981 0 0
# compatibility_mode=5893 16776574 100 94 17283990 85541415 0 0
# compatibility_mode=8192 67108863 100 0 134 134 0 0
# scanned=175123
# found=8
# cleaned=8
# scan_time=3720
C:\Users\Desktop1\Downloads\cnet2_dvdflick_setup_1_3_0_7_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Desktop1\Downloads\cnet_SopCast_zip.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Desktop1\Downloads\CrystalDiskMark3_0_1b-en.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Desktop1\Downloads\SoftonicDownloader_for_sopcast.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
H:\laptop schijf D juli 2008\verwisselbare schijf november 2006\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
H:\Nieuwe map\nieuw HDD\Install\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
H:\Nieuwe map\nieuw HDD\laptop schijf D juli 2008\verwisselbare schijf november 2006\NOD32\NOD32-FiX 1.8.exe Win32/RiskWare.HackAV.FU application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
H:\Nieuwe map\nieuw HDD\laptop schijf D juli 2008\verwisselbare schijf november 2006\WINRAR\WinRAR v3.60 corporate FINAL.rar probably a variant of Win32/Agent.FTMYHHE trojan (deleted - quarantined) 00000000000000000000000000000000 C
- Hello Jan, a small warning about downloading via CNET and SofTonic.
The downloads from these sites come in a wrapper.
CNET's is more harmless in that respect than SofTonic's, which in some cases even installs the nasty Babylon Toolbar without you knowing about it!
In any case, spyware is also placed on your PC to transmit usage data!
And completely remove those old downloads from 2006/2008.
You really don't need them anymore.
By the way, are you still experiencing any trouble in your Windows?
- Abraham54 wrote:
> Hello Jan, a small warning about downloading via CNET and SofTonic.
> The downloads from these sites come in a wrapper.
> CNET's is more harmless in that respect than SofTonic's, which in some cases even installs the nasty Babylon Toolbar without you knowing about it!
> In any case, spyware is also placed on your PC to transmit usage data!
> And completely remove those old downloads from 2006/2008.
> You really don't need them anymore.
> By the way, are you still experiencing any trouble in your Windows?
I thought downloading via CNET and Softonic was safe... Which sites can you download from 'safely', then? I have never really experienced trouble with Windows. I only wondered whether that file lsass.exe is safe and why the ports mentioned are not stealth. Apparently lsass.exe is a safe Windows file.
NOD32 apparently finds more than AVG! I use the latter because it is free. Yes, I do indeed need to clean up my computer sometime.
Thanks for taking a look and for your responses.
Regards,
- Avast 7 Free is even better than AVG.
And it seems you previously used NOD illegitimately.
- The use of NOD was indeed illegal. I think they should offer software much more cheaply. Then the illegality would largely disappear by itself.
Thanks for all your responses.