Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

spyware?

iemand85
19 antwoorden
  • hallo,
    volgens mij heb ik last van spyware, Als het iets anders is kan natuurlijk ook, ik heb er niet veel verstand van:

    *Internet werd ontzettend traag
    * een tijdje geleden had ik via posts op dit forum begrepen dat het voor als je in een studentenhuis woont ivm veiligheid beter is de optie 'printer delen' uit te vinken. nu internet zo traag was ging ik daar kijken, en 'met wachtwoord delen' stond aan. ik kon me niet herinneren dat ik dat aan had gezet, dus nu direct uit gezet. waarschijnlijk had ik internet aan laten staan, s'avonds bleken opeens een heel aantal optie's in het zelfde lijstje aangezet.

    Klopt het dat dit komt door spyware?
    wat moet ik er aan doen?
    hieronder een scan met hijjack this, MBAM vond niks, die had ik wel geupdate
    LE
  • bij deze het log, hij jack this van een jaar oud:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:25:07, on 23-4-2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16476)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ecosia.org/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://www.hotmail.com
    O15 - Trusted Zone: www.live.com
    O15 - Trusted Zone: http://www.youtube.com
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Veoh Giraffic Video Accelerator (Giraffic) - Unknown owner - C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: WajamUpdater - Wajam - C:\Program Files\Wajam\Updater\WajamUpdater.exe


    End of file - 5322 bytes
  • Graag de drie logs in één keer posten.

  • dank je wel! volgens mij heb je vaker mijn ict problemen opgelost,

    bij deze de blog's
    # AdwCleaner v2.202 - Verslag gemaakt op 25/04/2013 om 17:23:06
    # Geactualiseerd op 23/04/2013 door Xplode
    # Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Gebruiker : Gebruiker - PC_VAN_GEBRUIKE
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Gebruiker\Desktop\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****

    Gestopt & Verwijdert : WajamUpdater

    ***** [Files / Mappen] *****

    File Verwijdert : C:\END
    Map Verwijdert : C:\Program Files\Wajam
    Map Verwijdert : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\eghepdicbhhbhegihkllkmgjggcjpkma
    Map Verwijdert : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Map Verwijdert : C:\Users\Gebruiker\AppData\Local\Wajam
    Map Verwijdert : C:\Users\Gebruiker\AppData\LocalLow\Conduit
    Map Verwijdert : C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
    Verwijdert bij het opstarten : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\eghepdicbhhbhegihkllkmgjggcjpkma

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
    Sleutel Verwijdert : HKCU\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\eghepdicbhhbhegihkllkmgjggcjpkma
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKCU\Software\Wajam
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamBHO
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\eghepdicbhhbhegihkllkmgjggcjpkma
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
    Sleutel Verwijdert : HKLM\Software\Wajam
    Sleutel Verwijdert : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Verwijdert [l.47] : icon_url = "hxxp://search.conduit.com/fav.ico",
    Verwijdert [l.50] : keyword = "search.conduit.com",
    Verwijdert [l.54] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN36[…]
    Verwijdert [l.55] : suggest_url = "hxxp://suggest.search.conduit.com/Suggest.ashx?q=[{searchTerms}]"
    Verwijdert [l.2293] : homepage = "hxxp://search.conduit.com/?ctid=CT3201317&SearchSource=48&CUI=UN36011189492682731&UM[…]

    *************************

    AdwCleaner[R1].txt - [6549 octets] - [04/08/2012 11:11:28]
    AdwCleaner[R2].txt - [944 octets] - [05/08/2012 00:29:40]
    AdwCleaner[R3].txt - [1773 octets] - [22/11/2012 09:13:43]
    AdwCleaner[R4].txt - [1833 octets] - [22/11/2012 09:14:07]
    AdwCleaner[S1].txt - [6765 octets] - [04/08/2012 11:13:02]
    AdwCleaner[S2].txt - [1004 octets] - [05/08/2012 00:31:38]
    AdwCleaner[S3].txt - [1750 octets] - [22/11/2012 09:17:29]
    AdwCleaner[S4].txt - [4711 octets] - [25/04/2013 17:23:06]

    ########## EOF - C:\AdwCleaner[S4].txt - [4771 octets] ##########

    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com
    oguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    besturingssysteem : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
    Gestart vanuit : Normale modus
    Gebruiker : Gebruiker [Administrator rechten]
    Modus : Scan – Datum : 04/25/2013 17:40:00
    | ARK || FAK || MBR |

    ¤¤¤ Kwaadaardige processen : 0 ¤¤¤

    ¤¤¤ Register verwijzingen : 6 ¤¤¤
    [HJPOL] HKCU\[…]\System : DisableTaskMgr (0) -> gevonden
    [HJPOL] HKCU\[…]\System : DisableRegistryTools (0) -> gevonden
    [HJ DESK] HKCU\[…]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> gevonden
    [HJ DESK] HKCU\[…]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> gevonden
    [HJ DESK] HKLM\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden

    ¤¤¤ Speciale Files / Folders: ¤¤¤

    ¤¤¤ Driver : [Geladen] ¤¤¤

    ¤¤¤ HOSTS Bestand: ¤¤¤
    –> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Controle: ¤¤¤

    +++++ PhysicalDrive0: Hitachi HTS721010G9SA00 ATA Device +++++
    — User —
    [MBR] 4c5ad099b8b10c0d102856350a81599f
    [BSP] 99e921080f6c02e2dc20e00d35de89f2 : Windows Vista MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 95393 Mo
    User = LL1 … OK!
    User = LL2 … OK!

    +++++ PhysicalDrive1: USB DISK 2.0 USB Device +++++
    — User —
    [MBR] 164d47e4b100ae160437ea076f6fd48d
    [BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 3696 Mo
    User = LL1 … OK!
    Error reading LL2 MBR!

    Gereed : << RKreport[1]_S_04252013_02d1740.txt >>
    RKreport[1]_S_04252013_02d1740.txt



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.8.9 (04.22.2013:1)
    OS: Windows Vista (TM) Home Premium x86
    Ran by Gebruiker on do 25-04-2013 at 17:29:03,27
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\Gebruiker\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on do 25-04-2013 at 17:30:55,16
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    dat waren ze
  • Zelf gebruik ik hiervoor Spyware Terminator 2012. Werkt prima.
  • Download [b:30d5d55aeb]TDSSKStarter[/b:30d5d55aeb] naar het bureaublad.

    [b:30d5d55aeb]"[i:30d5d55aeb]TDSSKStarter.exe[/i:30d5d55aeb]" gebruiken[/b:30d5d55aeb]:
    [list:30d5d55aeb][*:30d5d55aeb] [b:30d5d55aeb]
  • bij deze het nieuwe log
    13:24:34.0526 3156 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    13:24:34.0526 3156 ============================================================
    13:24:34.0526 3156 Current date / time: 2013/04/26 13:24:34.0526
    13:24:34.0526 3156 SystemInfo:
    13:24:34.0526 3156
    13:24:34.0526 3156 OS Version: 6.0.6002 ServicePack: 2.0
    13:24:34.0526 3156 Product type: Workstation
    13:24:34.0526 3156 ComputerName: PC_VAN_GEBRUIKE
    13:24:34.0526 3156 UserName: Gebruiker
    13:24:34.0526 3156 Windows directory: C:\Windows
    13:24:34.0526 3156 System windows directory: C:\Windows
    13:24:34.0526 3156 Processor architecture: Intel x86
    13:24:34.0526 3156 Number of processors: 2
    13:24:34.0526 3156 Page size: 0x1000
    13:24:34.0526 3156 Boot type: Normal boot
    13:24:34.0526 3156 ============================================================
    13:24:36.0352 3156 Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    13:24:36.0352 3156 ============================================================
    13:24:36.0352 3156 \Device\Harddisk0\DR0:
    13:24:36.0352 3156 MBR partitions:
    13:24:36.0352 3156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBA50E02
    13:24:36.0352 3156 ============================================================
    13:24:36.0383 3156 C: <-> \Device\Harddisk0\DR0\Partition1
    13:24:36.0383 3156 ============================================================
    13:24:36.0383 3156 Initialize success
    13:24:36.0383 3156 ============================================================
    13:24:36.0476 3768 ============================================================
    13:24:36.0476 3768 Scan started
    13:24:36.0476 3768 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    13:24:36.0476 3768 ============================================================
    13:24:39.0284 3768 ================ Scan system memory ========================
    13:24:39.0284 3768 ================ Scan services =============================
    13:24:39.0581 3768 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
    13:24:39.0924 3768 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    13:24:40.0064 3768 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
    13:24:40.0096 3768 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
    13:24:40.0142 3768 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
    13:24:40.0205 3768 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
    13:24:40.0267 3768 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    13:24:40.0345 3768 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
    13:24:40.0408 3768 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
    13:24:40.0470 3768 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
    13:24:40.0564 3768 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
    13:24:41.0032 3768 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
    13:24:41.0078 3768 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
    13:24:41.0110 3768 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
    13:24:41.0141 3768 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
    13:24:41.0234 3768 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
    13:24:41.0328 3768 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
    13:24:41.0422 3768 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    13:24:41.0484 3768 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
    13:24:41.0546 3768 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
    13:24:41.0640 3768 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
    13:24:41.0702 3768 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
    13:24:41.0734 3768 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
    13:24:41.0858 3768 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
    13:24:41.0983 3768 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
    13:24:42.0046 3768 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
    13:24:42.0124 3768 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    13:24:42.0202 3768 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
    13:24:42.0264 3768 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    13:24:42.0342 3768 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
    13:24:42.0545 3768 [ 8FA553E9AE69808D99C164733A0F9590 ] avast\Program Files\AVAST Software\Avast\AvastSvc.exe
    13:24:42.0623 3768 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
    13:24:42.0748 3768 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
    13:24:43.0013 3768 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
    13:24:43.0122 3768 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
    13:24:43.0278 3768 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    13:24:43.0387 3768 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
    13:24:43.0434 3768 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
    13:24:43.0543 3768 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
    13:24:43.0621 3768 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
    13:24:43.0746 3768 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
    13:24:43.0840 3768 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
    13:24:43.0933 3768 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
    13:24:44.0027 3768 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
    13:24:44.0339 3768 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    13:24:44.0526 3768 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    13:24:44.0635 3768 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
    13:24:44.0729 3768 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
    13:24:44.0900 3768 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
    13:24:45.0212 3768 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    13:24:45.0384 3768 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    13:24:45.0478 3768 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    13:24:45.0649 3768 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
    13:24:45.0758 3768 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    13:24:45.0836 3768 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
    13:24:45.0883 3768 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
    13:24:46.0086 3768 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    13:24:46.0273 3768 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
    13:24:46.0476 3768 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    13:24:46.0694 3768 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
    13:24:46.0882 3768 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
    13:24:47.0038 3768 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
    13:24:47.0178 3768 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
    13:24:47.0287 3768 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
    13:24:47.0552 3768 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
    13:24:47.0740 3768 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    13:24:48.0052 3768 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    13:24:48.0223 3768 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
    13:24:48.0379 3768 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
    13:24:48.0551 3768 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
    13:24:48.0722 3768 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    13:24:48.0816 3768 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
    13:24:48.0894 3768 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
    13:24:48.0972 3768 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
    13:24:49.0112 3768 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
    13:24:49.0222 3768 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
    13:24:49.0378 3768 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
    13:24:49.0502 3768 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    13:24:49.0596 3768 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    13:24:49.0721 3768 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
    13:24:49.0799 3768 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
    13:24:49.0908 3768 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    13:24:49.0986 3768 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    13:24:50.0048 3768 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    13:24:50.0204 3768 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    13:24:50.0298 3768 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
    13:24:50.0454 3768 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    13:24:50.0501 3768 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    13:24:50.0610 3768 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    13:24:50.0719 3768 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    13:24:50.0813 3768 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
    13:24:51.0031 3768 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    13:24:51.0047 3768 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    13:24:51.0172 3768 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    13:24:51.0390 3768 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    13:24:51.0499 3768 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
    13:24:51.0640 3768 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
    13:24:51.0874 3768 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
    13:24:51.0936 3768 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    13:24:52.0030 3768 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
    13:24:52.0139 3768 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
    13:24:52.0295 3768 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    13:24:52.0529 3768 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
    13:24:52.0825 3768 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
    13:24:52.0919 3768 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
    13:24:52.0997 3768 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
    13:24:53.0137 3768 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
    13:24:53.0309 3768 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    13:24:53.0434 3768 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    13:24:53.0527 3768 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
    13:24:53.0668 3768 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
    13:24:53.0761 3768 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    13:24:53.0886 3768 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    13:24:54.0026 3768 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    13:24:54.0198 3768 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    13:24:54.0292 3768 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
    13:24:54.0401 3768 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
    13:24:54.0650 3768 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    13:24:54.0728 3768 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    13:24:54.0822 3768 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    13:24:54.0916 3768 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
    13:24:55.0040 3768 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
    13:24:55.0087 3768 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
    13:24:55.0134 3768 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    13:24:55.0181 3768 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    13:24:55.0228 3768 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
    13:24:55.0306 3768 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    13:24:55.0368 3768 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
    13:24:55.0540 3768 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
    13:24:55.0680 3768 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    13:24:55.0805 3768 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    13:24:55.0914 3768 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    13:24:56.0008 3768 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
    13:24:56.0148 3768 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
    13:24:56.0226 3768 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
    13:24:56.0288 3768 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
    13:24:56.0351 3768 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
    13:24:56.0460 3768 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
    13:24:56.0678 3768 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    13:24:56.0788 3768 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    13:24:56.0866 3768 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
    13:24:56.0990 3768 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
    13:24:57.0037 3768 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
    13:24:57.0131 3768 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
    13:24:57.0224 3768 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    13:24:57.0271 3768 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    13:24:57.0334 3768 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    13:24:57.0427 3768 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
    13:24:57.0521 3768 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
    13:24:57.0583 3768 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    13:24:57.0646 3768 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
    13:24:57.0724 3768 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
    13:24:57.0770 3768 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    13:24:57.0817 3768 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    13:24:57.0926 3768 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    13:24:57.0958 3768 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    13:24:58.0004 3768 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
    13:24:58.0067 3768 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    13:24:58.0129 3768 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
    13:24:58.0238 3768 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    13:24:58.0332 3768 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    13:24:58.0426 3768 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    13:24:58.0519 3768 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    13:24:58.0628 3768 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    13:24:58.0691 3768 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    13:24:58.0784 3768 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    13:24:58.0862 3768 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
    13:24:58.0909 3768 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    13:24:59.0018 3768 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
    13:24:59.0112 3768 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
    13:24:59.0221 3768 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS
    wifi.sys
    13:24:59.0346 3768 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers
    dis.sys
    13:24:59.0533 3768 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS
    distapi.sys
    13:24:59.0705 3768 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS
    disuio.sys
    13:24:59.0814 3768 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS
    diswan.sys
    13:24:59.0954 3768 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    13:25:00.0095 3768 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS
    etbios.sys
    13:25:00.0313 3768 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS
    etbt.sys
    13:25:00.0407 3768 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
    13:25:00.0734 3768 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32
    etman.dll
    13:25:00.0922 3768 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32
    etprofm.dll
    13:25:01.0031 3768 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    13:25:01.0436 3768 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
    13:25:01.0998 3768 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
    13:25:02.0248 3768 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers
    frd960.sys
    13:25:02.0404 3768 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32
    lasvc.dll
    13:25:02.0528 3768 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    13:25:02.0638 3768 [ 75AC610A7481CB1F343DC971249BCB19 ] NPF_devolo C:\Windows\system32\drivers
    pf_devolo.sys
    13:25:02.0638 3768 NPF_devolo ( UnsignedFile.Multi.Generic ) -
    13:25:02.0638 3768 NPF_devolo - detected UnsignedFile.Multi.Generic (1)
    13:25:02.0669 3768 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32
    sisvc.dll
    13:25:02.0716 3768 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers
    siproxy.sys
    13:25:02.0950 3768 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    13:25:03.0106 3768 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers
    trigdigi.sys
    13:25:03.0215 3768 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
    13:25:03.0995 3768 [ DC89868592D74DE404406C9420C3F277 ] nvlddmkm C:\Windows\system32\DRIVERS
    vlddmkm.sys
    13:25:11.0342 3768 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers
    vraid.sys
    13:25:11.0389 3768 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers
    vstor.sys
    13:25:11.0436 3768 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers
    v_agp.sys
    13:25:11.0576 3768 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    13:25:11.0623 3768 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
    13:25:11.0748 3768 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    13:25:11.0842 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
    13:25:11.0920 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
    13:25:12.0029 3768 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
    13:25:12.0138 3768 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
    13:25:12.0200 3768 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
    13:25:12.0294 3768 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
    13:25:12.0341 3768 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
    13:25:12.0388 3768 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
    13:25:12.0419 3768 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    13:25:12.0606 3768 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    13:25:12.0934 3768 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
    13:25:13.0168 3768 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    13:25:13.0464 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
    13:25:13.0573 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
    13:25:13.0807 3768 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    13:25:13.0963 3768 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    13:25:14.0041 3768 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
    13:25:14.0135 3768 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
    13:25:14.0197 3768 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
    13:25:14.0291 3768 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
    13:25:14.0369 3768 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
    13:25:14.0462 3768 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
    13:25:14.0587 3768 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
    13:25:14.0712 3768 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    13:25:14.0774 3768 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    13:25:14.0884 3768 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
    13:25:14.0977 3768 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    13:25:15.0102 3768 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
    13:25:15.0242 3768 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    13:25:15.0414 3768 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    13:25:15.0539 3768 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    13:25:15.0632 3768 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    13:25:15.0757 3768 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
    13:25:15.0913 3768 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    13:25:16.0038 3768 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    13:25:16.0147 3768 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
    13:25:16.0210 3768 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
    13:25:16.0288 3768 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
    13:25:16.0334 3768 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
    13:25:16.0444 3768 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    13:25:16.0506 3768 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
    13:25:16.0568 3768 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    13:25:16.0646 3768 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    13:25:16.0834 3768 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
    13:25:16.0927 3768 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
    13:25:17.0021 3768 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    13:25:17.0146 3768 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    13:25:17.0255 3768 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
    13:25:17.0380 3768 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
    13:25:17.0458 3768 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    13:25:17.0520 3768 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
    13:25:17.0598 3768 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
    13:25:17.0707 3768 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
    13:25:17.0770 3768 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    13:25:17.0832 3768 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    13:25:17.0926 3768 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    13:25:18.0019 3768 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    13:25:18.0097 3768 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    13:25:18.0175 3768 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    13:25:18.0222 3768 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
    13:25:18.0269 3768 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
    13:25:18.0316 3768 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    13:25:18.0721 3768 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    13:25:19.0142 3768 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    13:25:19.0470 3768 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
    13:25:19.0907 3768 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
    13:25:20.0000 3768 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    13:25:20.0141 3768 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    13:25:20.0250 3768 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
    13:25:20.0312 3768 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
    13:25:20.0406 3768 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
    13:25:20.0500 3768 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    13:25:20.0578 3768 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    13:25:20.0671 3768 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    13:25:20.0796 3768 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
    13:25:20.0874 3768 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
    13:25:20.0999 3768 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
    13:25:21.0061 3768 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
    13:25:21.0139 3768 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
    13:25:21.0186 3768 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
    13:25:21.0233 3768 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
    13:25:21.0467 3768 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
    13:25:21.0623 3768 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
    13:25:21.0732 3768 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
    13:25:21.0826 3768 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
    13:25:22.0091 3768 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    13:25:22.0231 3768 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
    13:25:22.0434 3768 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    13:25:22.0559 3768 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    13:25:22.0652 3768 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    13:25:22.0793 3768 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    13:25:22.0902 3768 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
    13:25:23.0058 3768 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
    13:25:23.0167 3768 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
    13:25:23.0230 3768 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
    13:25:23.0339 3768 [ CB258C2F726F1BE73C507022BE33EBB3 ] TPM C:\Windows\system32\drivers\tpm.sys
    13:25:23.0417 3768 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
    13:25:23.0573 3768 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    13:25:23.0651 3768 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    13:25:23.0713 3768 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
    13:25:23.0744 3768 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    13:25:23.0807 3768 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
    13:25:23.0854 3768 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    13:25:23.0963 3768 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    13:25:24.0056 3768 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    13:25:24.0119 3768 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
    13:25:24.0166 3768 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
    13:25:24.0244 3768 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
    13:25:24.0290 3768 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    13:25:24.0400 3768 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
    13:25:24.0509 3768 [ 8BD3AE150D97BA4E633C6C5C51B41AE1 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
    13:25:24.0680 3768 [ 32C068EAF37C92D7194EEE1FAA1E7853 ] USBCCID C:\Windows\system32\DRIVERS\usbccid.sys
    13:25:24.0758 3768 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    13:25:24.0883 3768 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
    13:25:24.0914 3768 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    13:25:24.0977 3768 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
    13:25:25.0086 3768 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    13:25:25.0164 3768 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    13:25:25.0211 3768 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
    13:25:25.0273 3768 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
    13:25:25.0414 3768 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
    13:25:25.0523 3768 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    13:25:25.0616 3768 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
    13:25:25.0741 3768 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
    13:25:25.0835 3768 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
    13:25:25.0944 3768 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
    13:25:25.0991 3768 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    13:25:26.0084 3768 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    13:25:26.0178 3768 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
    13:25:26.0240 3768 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
    13:25:26.0521 3768 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
    13:25:26.0693 3768 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
    13:25:26.0786 3768 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
    13:25:26.0974 3768 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
    13:25:27.0036 3768 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    13:25:27.0130 3768 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
    13:25:27.0286 3768 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    13:25:27.0364 3768 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
    13:25:27.0582 3768 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    13:25:27.0785 3768 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
    13:25:27.0878 3768 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
    13:25:27.0988 3768 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
    13:25:28.0081 3768 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
    13:25:28.0175 3768 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    13:25:28.0268 3768 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
    13:25:28.0362 3768 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
    13:25:28.0690 3768 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
    13:25:28.0814 3768 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    13:25:29.0142 3768 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
    13:25:29.0345 3768 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
    13:25:29.0501 3768 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
    13:25:29.0626 3768 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    13:25:29.0797 3768 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
    13:25:29.0953 3768 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
    13:25:30.0031 3768 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    13:25:30.0203 3768 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    13:25:30.0281 3768 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    13:25:30.0406 3768 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
    13:25:30.0593 3768 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
    13:25:30.0811 3768 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    13:25:30.0905 3768 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    13:25:30.0998 3768 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    13:25:31.0045 3768 ================ Scan global ===============================
    13:25:31.0108 3768 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
    13:25:31.0154 3768 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
    13:25:31.0170 3768 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
    13:25:31.0295 3768 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
    13:25:31.0326 3768 ================ Scan MBR ==================================
    13:25:31.0342 3768 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
    13:25:31.0950 3768 ================ Scan VBR ==================================
    13:25:31.0950 3768 [ 36737AC7DFD2C6B74FDF9E2BA34905C5 ] \Device\Harddisk0\DR0\Partition1
    13:25:31.0950 3768 ================ Scan UEFI extensions ======================
    13:25:31.0950 3768 ================ Scan active images ========================
    13:25:31.0950 3768 ============================================================
    13:25:31.0950 3768 Scan finished
    13:25:31.0950 3768 ============================================================
    13:25:32.0980 0712 Deinitialize success
    .
    ==============================================
    System Restore Point Check:
    .
    TDSSKiller Starter Restore Point Created Succesfully
    ==============================================
    .
    ==============================================
    C:\TDSSStarter\Report_26-04-2013_1322_.log
    ==============================================
    Registry Export
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    ==============================================
    EOF


















  • Prima, ziet er goed uit.
    We kijken verder:

    [b:f161dafac5]Welk programma[/b:f161dafac5]:
  • ik krijg bij het downloaden de melding: dit bestand lijkt schadelijk te zijn, maar neem aan dat het goed zit
  • ComboFix 13-04-26.01 - Gebruiker 26-04-2013 15:15:40.5.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1021.415 [GMT 2:00]
    Gestart vanuit: c:\users\Gebruiker\AppData\Local\Google\Chrome\Application\26.0.1410.64\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2013-03-26 to 2013-04-26 ))))))))))))))))))))))))))))))
    .
    .
    2013-04-26 13:22 . 2013-04-26 13:22 ——– d—–w- c:\users\Gebruiker\AppData\Local\temp
    2013-04-26 13:22 . 2013-04-26 13:22 ——– d—–w- c:\users\Public\AppData\Local\temp
    2013-04-26 13:22 . 2013-04-26 13:22 ——– d—–w- c:\users\Default\AppData\Local\temp
    2013-04-26 11:21 . 2013-04-26 11:25 ——– d—–w- C:\TDSSStarter
    2013-04-25 15:28 . 2013-04-25 15:28 ——– d—–w- c:\windows\ERUNT
    2013-04-25 15:28 . 2013-04-25 15:28 ——– d—–w- C:\JRT
    2013-04-25 15:23 . 2013-04-25 15:23 176 —-a-w- c:\windows\DeleteOnReboot.bat
    2013-04-11 19:41 . 2013-03-11 13:25 3603816 —-a-w- c:\windows\system32
    tkrnlpa.exe
    2013-04-11 19:41 . 2013-03-11 13:25 3551080 —-a-w- c:\windows\system32
    toskrnl.exe
    2013-04-11 19:41 . 2013-03-09 01:28 64000 —-a-w- c:\windows\system32\smss.exe
    2013-04-11 19:41 . 2013-03-09 03:45 49152 —-a-w- c:\windows\system32\csrsrv.dll
    2013-04-11 19:41 . 2013-03-03 19:07 1082232 —-a-w- c:\windows\system32\drivers
    tfs.sys
    2013-04-11 19:41 . 2013-03-08 03:52 2067968 —-a-w- c:\windows\system32\mstscax.dll
    2013-04-11 19:41 . 2013-03-05 01:40 2049024 —-a-w- c:\windows\system32\win32k.sys
    2013-04-11 19:40 . 2013-03-08 03:53 376320 —-a-w- c:\windows\system32\winsrv.dll
    2013-04-07 05:28 . 2013-04-07 05:28 ——– d—–w- c:\users\Gebruiker\AppData\Local\ElevatedDiagnostics
    2013-04-07 05:09 . 2013-03-15 07:21 7108640 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{14048000-F10B-473C-8FF6-1C4BD9895A48}\mpengine.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-03-11 23:10 . 2011-06-24 11:12 237088 ——w- c:\windows\system32\MpSigStub.exe
    2013-02-12 01:57 . 2013-03-13 17:05 15872 —-a-w- c:\windows\system32\drivers\usb8023.sys
    2012-11-03 16:24 . 2012-11-03 16:24 7723546 —-a-w- c:\program files\peazip-4.7.3.WINDOWS.exe
    2012-07-23 19:51 . 2012-07-23 19:51 4583914 —-a-r- c:\program files\ComboFix.exe
    2012-07-23 18:56 . 2012-07-23 18:57 388608 —-a-w- c:\program files\HijackThis.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 22:50 121528 —-a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 —-a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 —-a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 —-a-w- c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2011-06-06 10:55 937920 —-a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2012-02-20 19:28 59240 —-a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2011-09-11 07:09 136176 —-atw- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2009-02-26 16:36 30040 —-a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2012-03-27 03:09 421736 —-a-w- c:\program files\itunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
    2012-07-03 11:46 462920 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    2007-10-04 19:24 8497696 —-a-w- c:\windows\System32
    vcpl.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
    2007-10-04 19:24 86016 —-a-w- c:\windows\System32
    vhotkey.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    2007-10-04 19:24 81920 —-a-w- c:\windows\System32
    vmctray.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    2007-10-04 19:24 86016 —-a-w- c:\windows\System32
    vsvc.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2012-04-18 18:56 421888 —-a-w- c:\program files\quicktime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-04-11 06:28 1233920 —-a-w- c:\program files\Windows Sidebar\sidebar.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2012-07-13 11:33 17418928 —-a-r- c:\program files\Skype\Phone\Skype.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
    2013-04-08 12:54 4503448 —-a-w- c:\users\Gebruiker\AppData\Roaming\Spotify\spotify.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
    2013-04-08 12:51 1104280 —-a-w- c:\users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2012-01-17 09:07 252296 —-a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2012-06-05 20:23 296056 —-a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2008-01-19 07:33 202240 —-a-w- c:\program files\Windows Media Player\wmpnscfg.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "AntiVirusOverride"=dword:00000001
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - 65742251
    *NewlyCreated* - 71865553
    *Deregistered* - 65742251
    *Deregistered* - 71865553
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-25 16:29]
    .
    2013-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-25 16:29]
    .
    2013-04-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3632470845-1243836632-4002592152-1000Core.job
    - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-18 07:09]
    .
    2013-04-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3632470845-1243836632-4002592152-1000UA.job
    - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-18 07:09]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.ecosia.org/
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    Trusted Zone: hotmail.com\www
    Trusted Zone: live.com\dub114.mail
    Trusted Zone: live.com\login
    Trusted Zone: live.com\www
    Trusted Zone: youtube.com\www
    TCP: DhcpNameServer = 192.168.156.1
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    SafeBoot-WudfPf
    SafeBoot-WudfRd
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-04-26 15:22
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'Explorer.exe'(3908)
    c:\users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    c:\windows\system32\ieframe.dll
    .
    Voltooingstijd: 2013-04-26 15:24:58
    ComboFix-quarantined-files.txt 2013-04-26 13:24
    ComboFix2.txt 2012-08-06 14:12
    ComboFix3.txt 2012-08-06 13:57
    ComboFix4.txt 2012-08-05 21:26
    ComboFix5.txt 2013-04-26 13:13
    .
    Pre-Run: 44.720.267.264 bytes beschikbaar
    Post-Run: 44.716.425.216 bytes beschikbaar
    .
    - - End Of File - - 62917568873A203853B42BC82B6AABA3






  • Het log ziet er prima uit, laat maar weten hoe het inmiddels gaat.
  • het gaat goed, weer normale snelheid van internet. die gevonden bestanden van Roguekiller hoef ik niks mee te doen?
    ik gebruik een dell latitude d820, is het verstandig de gedownloade programma's te houden? kan me voorstellen dat het met een nieuwere sneller apparaat het niet uitmaakt, maar bij mij wel?


    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com
    oguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    besturingssysteem : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
    Gestart vanuit : Normale modus
    Gebruiker : Gebruiker [Administrator rechten]
    Modus : Scan – Datum : 04/26/2013 16:43:19
    | ARK || FAK || MBR |

    ¤¤¤ Kwaadaardige processen : 0 ¤¤¤

    ¤¤¤ Register verwijzingen : 7 ¤¤¤
    [HJPOL] HKCU\[…]\System : DisableTaskMgr (0) -> gevonden
    [HJPOL] HKCU\[…]\System : DisableRegistryTools (0) -> gevonden
    [HJPOL] HKLM\[…]\System : DisableRegistryTools (0) -> gevonden
    [HJ DESK] HKCU\[…]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> gevonden
    [HJ DESK] HKCU\[…]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> gevonden
    [HJ DESK] HKLM\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden

    ¤¤¤ Speciale Files / Folders: ¤¤¤

    ¤¤¤ Driver : [Geladen] ¤¤¤

    ¤¤¤ HOSTS Bestand: ¤¤¤
    –> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Controle: ¤¤¤

    +++++ PhysicalDrive0: Hitachi HTS721010G9SA00 ATA Device +++++
    — User —
    [MBR] 4c5ad099b8b10c0d102856350a81599f
    [BSP] 99e921080f6c02e2dc20e00d35de89f2 : Windows Vista MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 95393 Mo
    User = LL1 … OK!
    User = LL2 … OK!

    Gereed : << RKreport[2]_S_04262013_02d1643.txt >>
    RKreport[1]_S_04252013_02d1740.txt ; RKreport[2]_S_04262013_02d1643.txt
  • Je hoeft verder niks te doen met RogueKiller hoor.
    Wat betreft jouw notebook, met een SSD en Windows 7 kan je er nog weer een tijdje tegenaan zonder echt naar een nieuwer notebook te gaan.

    Anderzijds op Marktplaats staan wel een paar mooie aanbiedingen betreffende Latitudes uit de E6500 en 6510 serie.
    Vooral die met LED-scherm zijn ook voor je ogen een weldaad wat betreft kleuren weergave en helderheid.

    Download naar je bureaublad [b:5cc8efe870].
    [list:5cc8efe870][*:5cc8efe870] Klik/dubbelklik op [b:5cc8efe870]SecurityCheck.exe[/b:5cc8efe870] en let op de instrukties in het zwarte venster.
    [*:5cc8efe870] Een Kladblok document genaamd [b:5cc8efe870]checkup.txt[/b:5cc8efe870] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
    [*:5cc8efe870] Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:5cc8efe870]
    Post de inhoud van [b:5cc8efe870]checkup.txt [/b:5cc8efe870]in je volgende post.
  • nu eerst het log, vanmiddag de rest:
    Results of screen317's Security Check version 0.99.63
    Windows Vista Service Pack 2 x86 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    avast! Antivirus
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware versie 1.62.0.1300
    CCleaner
    JavaFX 2.1.1
    Java 7 Update 9

    Adobe Reader 10.1.0
    Google Chrome 26.0.1410.43
    Google Chrome 26.0.1410.64
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast AvastUI.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````
  • Daar moet dus een en ander geregeld worden.

    Daar moet dringend wat aan gedaan worden!
    Ga naar [b:78f893a127]
  • mooi, ga ik doen als ik thuis ben, zit nu achter een andere pc.\

    over een andere pc kopen: als ik een tweedehans laptop/nootebook zie kan ik niet beoordelen wat ik koop, of iemand ermee heeft zitten prutsen, etc. daarom kocht ik tot nu toe een tweedehands dell via een winkel, met garantie, liever een paar euros meer voor meer zekerheid, maar mijn laatste aankoop is mij toch niet zo goed bevallen.

    nog een paar vragen:
    ik moest mijn netwerk opnieuw instellen, als ik invul: thuis netwerk, dan worden een aantal netwerk instellingen verkeerd ingesteld, dus ik stel in particuliere computer?

    en netwerk detecteren: dit kan ik uit zetten omdat ik wlan heb?

    last but not least: bedankt voor alle hulp!
  • Je kiest altijd voor openbaar netwerk, indien je niet in je thuisnetwerkzit.
    En heb je thuis ook geen eigen netwerk, ook dan voor openbaar kiezen.

    Netwerkdetectie niet uitzetten als je ook WLAN gebruikt.

    Al mijn Dell's zijn via Marktplaats gekomen, zo ook mijn nieuwste M6700!
  • mbt marktplaats: je kijkt dan of diegene betrouwbaar over komt, of het goed werkt, etc. en dan neem je hem mee?
  • Mijn huidige is opgestuurd!
    Het ging hierbij om een volkomen nieuwe M6700 waar ik de servicetag code van kreeg en dus via Dell support alles kon inzien en heb daarna de laptop via Dell geconfigureerd en daaruit bleek dat ik spekkoper werd!
    Ik was namelijk bijna de helft goedkoper met deze aanschaf.
    En dat alles doordat degene die hem had aangeschaft, het notebook te groot vond!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.