Yabui
-
Items
60 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Yabui
-
Verslag van combofix : ComboFix 12-02-19.02 - Asus 20/02/2012 10:26:35.2.4 - x64 NETWORK Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4008.3437 [GMT 1:00] Gestart vanuit: c:\users\Asus\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Asus\Desktop\CFScript.txt AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\assembly\temp\@ c:\windows\assembly\temp\cfg.ini c:\windows\system32\consrv.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-20 to 2012-02-20 )))))))))))))))))))))))))))))) . . 2012-02-19 17:08 . 2012-02-19 17:08 -------- d-----w- c:\users\Asus\AppData\Roaming\Malwarebytes 2012-02-19 17:08 . 2012-02-19 17:08 -------- d-----w- c:\programdata\Malwarebytes 2012-02-19 17:08 . 2012-02-19 17:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-02-19 17:08 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-19 16:54 . 2012-02-19 16:54 -------- d-----w- c:\users\Asus\AppData\Local\ElevatedDiagnostics 2012-02-19 13:45 . 2012-02-19 13:45 -------- d-----w- c:\users\Asus\AppData\Roaming\Tific 2012-02-19 13:45 . 2012-02-19 13:45 -------- d-----w- c:\users\Asus\AppData\Local\Symantec 2012-02-19 13:43 . 2012-02-20 09:22 0 --sha-w- c:\windows\system32\dds_trash_log.cmd 2012-02-15 12:48 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-15 12:48 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-15 12:48 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-15 12:48 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-15 12:48 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 12:48 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 12:47 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 12:47 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-12 20:43 . 2012-02-12 20:43 -------- d-----w- c:\program files\Common Files\Deterministic Networks 2012-02-12 20:43 . 2012-02-12 20:43 -------- d-----w- c:\program files (x86)\Cisco Systems 2012-01-31 16:17 . 2012-02-10 07:32 -------- d-----w- c:\windows\system32\drivers\NAVx64\1207000.00D . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((( SnapShot@2012-02-19_20.46.05 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-02-19 19:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-02-19 20:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-02-19 20:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-02-19 19:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-02-19 19:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-02-19 20:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-21 03:09 . 2012-02-19 20:53 44088 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-02-19 20:54 35250 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2012-02-19 14:09 . 2012-02-19 17:22 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat + 2012-02-19 14:09 . 2012-02-20 09:14 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat + 2011-05-18 12:10 . 2012-02-20 09:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-05-18 12:10 . 2012-02-19 13:58 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-05-18 12:10 . 2012-02-20 09:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-05-18 12:10 . 2012-02-19 13:58 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-02-19 13:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-02-20 09:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-05-18 12:21 . 2012-02-19 20:54 6718 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2765547659-3389848668-315783056-1000_UserData.bin + 2009-07-13 23:31 . 2009-07-14 01:39 6656 c:\windows\system32\racsvc.dll - 2012-02-19 20:45 . 2012-02-19 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-02-20 09:29 . 2012-02-20 09:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-02-19 20:45 . 2012-02-19 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-02-20 09:29 . 2012-02-20 09:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-11-21 16:48 . 2012-02-19 20:57 701798 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-02-19 20:57 616242 c:\windows\system32\perfh009.dat + 2010-11-21 16:48 . 2012-02-19 20:57 133798 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2012-02-19 20:57 106622 c:\windows\system32\perfc009.dat + 2009-07-14 05:01 . 2012-02-19 21:48 389116 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-02-19 14:03 389116 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-02-20 09:27 . 2012-02-20 09:27 223744 c:\windows\assembly\temp\twl.dll - 2012-02-19 16:43 . 2012-02-19 19:25 223744 c:\windows\assembly\temp\twl.dll + 2011-05-18 13:31 . 2012-02-19 21:48 39365668 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2765547659-3389848668-315783056-1000-8192.dat - 2011-05-18 13:31 . 2012-02-19 14:03 39365668 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2765547659-3389848668-315783056-1000-8192.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="c:\users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-19 137536] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-08 2009704] R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1207000.00D\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1207000.00D\SYMEFA64.SYS [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2011-12-01 1157240] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120217.003\IDSvia64.sys [2011-12-15 488568] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1207000.00D\Ironx64.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1207000.00D\SYMNETS.SYS [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416] S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe [2011-04-17 130008] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928] S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-09-22 645048] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 138360] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-02-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000Core.job - c:\users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 14:58] . 2012-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000UA.job - c:\users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 14:58] . 2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000Core.job - c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 09:54] . 2012-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000UA.job - c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 09:54] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096] "ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 2184520] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312] "combofix"="c:\combofix\CF21477.3XE" [2010-11-21 345088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs DLH5X npkcsvc ziptoa FA312 NsTrcNT serialkeys caisafe . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Block This Image (ABP) - c:\program files (x86)\Adblock Pro\blockimg.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {{878AC5FC-BE78-4bae-896C-7F75B790A71E} - c:\program files (x86)\PokerStars.BE\PokerStarsUpdate.exe TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}: NameServer = 8.8.8.8 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}\2494247456E647: NameServer = 8.8.8.8 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}\3596475636F6D6: NameServer = 8.8.8.8 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}\4554C454E4544584F4D4543505F445: NameServer = 8.8.8.8 FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\1oxb8gyd.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV] "ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\hsplayer.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-02-20 10:32:23 - machine werd herstart ComboFix-quarantined-files.txt 2012-02-20 09:32 ComboFix2.txt 2012-02-19 20:49 . Pre-Run: 24.750.882.816 bytes beschikbaar Post-Run: 24.631.083.008 bytes beschikbaar . - - End Of File - - DDDFFEE2B682C218E157C30750FDF3DB Verslag van tdskiller 10:34:55.0231 1780 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14 10:34:55.0387 1780 ============================================================ 10:34:55.0387 1780 Current date / time: 2012/02/20 10:34:55.0387 10:34:55.0387 1780 SystemInfo: 10:34:55.0387 1780 10:34:55.0387 1780 OS Version: 6.1.7601 ServicePack: 1.0 10:34:55.0387 1780 Product type: Workstation 10:34:55.0387 1780 ComputerName: ASUS-PC 10:34:55.0387 1780 UserName: Asus 10:34:55.0387 1780 Windows directory: C:\Windows 10:34:55.0387 1780 System windows directory: C:\Windows 10:34:55.0387 1780 Running under WOW64 10:34:55.0387 1780 Processor architecture: Intel x64 10:34:55.0402 1780 Number of processors: 4 10:34:55.0402 1780 Page size: 0x1000 10:34:55.0402 1780 Boot type: Normal boot 10:34:55.0402 1780 ============================================================ 10:34:59.0708 1780 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:34:59.0755 1780 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:34:59.0755 1780 \Device\Harddisk0\DR0: 10:34:59.0755 1780 MBR used 10:34:59.0755 1780 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000 10:34:59.0755 1780 \Device\Harddisk1\DR1: 10:34:59.0755 1780 MBR used 10:34:59.0755 1780 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 10:34:59.0755 1780 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800 10:34:59.0802 1780 Initialize success 10:34:59.0802 1780 ============================================================ 10:35:09.0411 0580 ============================================================ 10:35:09.0411 0580 Scan started 10:35:09.0411 0580 Mode: Manual; 10:35:09.0411 0580 ============================================================ 10:35:09.0552 0580 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 10:35:09.0552 0580 1394ohci - ok 10:35:09.0583 0580 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 10:35:09.0583 0580 ACPI - ok 10:35:09.0598 0580 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 10:35:09.0598 0580 AcpiPmi - ok 10:35:09.0630 0580 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 10:35:09.0645 0580 adp94xx - ok 10:35:09.0661 0580 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 10:35:09.0676 0580 adpahci - ok 10:35:09.0692 0580 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 10:35:09.0692 0580 adpu320 - ok 10:35:09.0739 0580 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 10:35:09.0739 0580 AFD - ok 10:35:09.0754 0580 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 10:35:09.0770 0580 agp440 - ok 10:35:09.0786 0580 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 10:35:09.0786 0580 aliide - ok 10:35:09.0801 0580 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 10:35:09.0801 0580 amdide - ok 10:35:09.0832 0580 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 10:35:09.0832 0580 AmdK8 - ok 10:35:09.0848 0580 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 10:35:09.0848 0580 AmdPPM - ok 10:35:09.0879 0580 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 10:35:09.0879 0580 amdsata - ok 10:35:09.0895 0580 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 10:35:09.0910 0580 amdsbs - ok 10:35:09.0926 0580 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 10:35:09.0926 0580 amdxata - ok 10:35:09.0942 0580 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 10:35:09.0942 0580 AppID - ok 10:35:09.0973 0580 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 10:35:09.0973 0580 arc - ok 10:35:10.0004 0580 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 10:35:10.0004 0580 arcsas - ok 10:35:10.0020 0580 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 10:35:10.0020 0580 ASMMAP64 - ok 10:35:10.0035 0580 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 10:35:10.0035 0580 AsyncMac - ok 10:35:10.0051 0580 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 10:35:10.0051 0580 atapi - ok 10:35:10.0066 0580 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 10:35:10.0066 0580 ATKWMIACPIIO - ok 10:35:10.0113 0580 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 10:35:10.0113 0580 b06bdrv - ok 10:35:10.0144 0580 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 10:35:10.0144 0580 b57nd60a - ok 10:35:10.0176 0580 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 10:35:10.0176 0580 Beep - ok 10:35:10.0207 0580 BHDrvx64 (1d757a7e020c577c4259a755f21b7152) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys 10:35:10.0207 0580 BHDrvx64 - ok 10:35:10.0238 0580 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 10:35:10.0238 0580 blbdrive - ok 10:35:10.0254 0580 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 10:35:10.0254 0580 bowser - ok 10:35:10.0285 0580 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 10:35:10.0285 0580 BrFiltLo - ok 10:35:10.0300 0580 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 10:35:10.0300 0580 BrFiltUp - ok 10:35:10.0316 0580 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 10:35:10.0332 0580 BridgeMP - ok 10:35:10.0347 0580 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 10:35:10.0363 0580 Brserid - ok 10:35:10.0378 0580 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 10:35:10.0378 0580 BrSerWdm - ok 10:35:10.0394 0580 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 10:35:10.0394 0580 BrUsbMdm - ok 10:35:10.0425 0580 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 10:35:10.0425 0580 BrUsbSer - ok 10:35:10.0441 0580 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 10:35:10.0441 0580 BTHMODEM - ok 10:35:10.0456 0580 catchme - ok 10:35:10.0472 0580 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 10:35:10.0488 0580 cdfs - ok 10:35:10.0503 0580 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 10:35:10.0503 0580 cdrom - ok 10:35:10.0534 0580 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 10:35:10.0534 0580 circlass - ok 10:35:10.0550 0580 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 10:35:10.0566 0580 CLFS - ok 10:35:10.0581 0580 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 10:35:10.0597 0580 CmBatt - ok 10:35:10.0612 0580 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 10:35:10.0612 0580 cmdide - ok 10:35:10.0644 0580 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 10:35:10.0644 0580 CNG - ok 10:35:10.0659 0580 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 10:35:10.0659 0580 Compbatt - ok 10:35:10.0690 0580 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 10:35:10.0690 0580 CompositeBus - ok 10:35:10.0706 0580 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 10:35:10.0722 0580 crcdisk - ok 10:35:10.0737 0580 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys 10:35:10.0737 0580 CVirtA - ok 10:35:10.0768 0580 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys 10:35:10.0768 0580 CVPNDRVA - ok 10:35:10.0800 0580 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 10:35:10.0800 0580 DfsC - ok 10:35:10.0831 0580 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 10:35:10.0831 0580 discache - ok 10:35:10.0846 0580 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 10:35:10.0846 0580 Disk - ok 10:35:10.0862 0580 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys 10:35:10.0878 0580 DNE - ok 10:35:10.0893 0580 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 10:35:10.0909 0580 drmkaud - ok 10:35:10.0940 0580 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 10:35:10.0940 0580 DXGKrnl - ok 10:35:11.0018 0580 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 10:35:11.0049 0580 ebdrv - ok 10:35:11.0080 0580 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 10:35:11.0080 0580 eeCtrl - ok 10:35:11.0127 0580 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 10:35:11.0127 0580 elxstor - ok 10:35:11.0143 0580 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 10:35:11.0143 0580 EraserUtilRebootDrv - ok 10:35:11.0158 0580 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 10:35:11.0158 0580 ErrDev - ok 10:35:11.0190 0580 ETD (5b042aa9cebdab5b61e747ddcebff51b) C:\Windows\system32\DRIVERS\ETD.sys 10:35:11.0190 0580 ETD - ok 10:35:11.0221 0580 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 10:35:11.0221 0580 exfat - ok 10:35:11.0236 0580 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 10:35:11.0252 0580 fastfat - ok 10:35:11.0268 0580 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 10:35:11.0268 0580 fdc - ok 10:35:11.0299 0580 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 10:35:11.0299 0580 FileInfo - ok 10:35:11.0314 0580 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 10:35:11.0330 0580 Filetrace - ok 10:35:11.0346 0580 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 10:35:11.0346 0580 flpydisk - ok 10:35:11.0361 0580 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 10:35:11.0377 0580 FltMgr - ok 10:35:11.0392 0580 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 10:35:11.0408 0580 FsDepends - ok 10:35:11.0424 0580 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 10:35:11.0424 0580 Fs_Rec - ok 10:35:11.0439 0580 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 10:35:11.0455 0580 fvevol - ok 10:35:11.0470 0580 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 10:35:11.0470 0580 gagp30kx - ok 10:35:11.0486 0580 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 10:35:11.0502 0580 hcw85cir - ok 10:35:11.0517 0580 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 10:35:11.0533 0580 HdAudAddService - ok 10:35:11.0548 0580 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 10:35:11.0548 0580 HDAudBus - ok 10:35:11.0564 0580 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 10:35:11.0564 0580 HidBatt - ok 10:35:11.0595 0580 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 10:35:11.0595 0580 HidBth - ok 10:35:11.0611 0580 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 10:35:11.0611 0580 HidIr - ok 10:35:11.0642 0580 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 10:35:11.0642 0580 HidUsb - ok 10:35:11.0673 0580 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 10:35:11.0673 0580 HpSAMD - ok 10:35:11.0704 0580 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 10:35:11.0720 0580 HTTP - ok 10:35:11.0736 0580 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 10:35:11.0736 0580 hwpolicy - ok 10:35:11.0751 0580 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 10:35:11.0751 0580 i8042prt - ok 10:35:11.0782 0580 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys 10:35:11.0782 0580 iaStor - ok 10:35:11.0814 0580 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 10:35:11.0829 0580 iaStorV - ok 10:35:11.0845 0580 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120217.003\IDSvia64.sys 10:35:11.0845 0580 IDSVia64 - ok 10:35:12.0032 0580 igfx (795c99dc4f574c97c03d0bb39cf099ee) C:\Windows\system32\DRIVERS\igdkmd64.sys 10:35:12.0188 0580 igfx - ok 10:35:12.0204 0580 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 10:35:12.0219 0580 iirsp - ok 10:35:12.0282 0580 IntcAzAudAddService (72a253efca059d8cf303371255624890) C:\Windows\system32\drivers\RTKVHD64.sys 10:35:12.0297 0580 IntcAzAudAddService - ok 10:35:12.0328 0580 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 10:35:12.0328 0580 IntcDAud - ok 10:35:12.0344 0580 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 10:35:12.0344 0580 intelide - ok 10:35:12.0375 0580 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 10:35:12.0375 0580 intelppm - ok 10:35:12.0391 0580 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:35:12.0406 0580 IpFilterDriver - ok 10:35:12.0422 0580 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 10:35:12.0422 0580 IPMIDRV - ok 10:35:12.0453 0580 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 10:35:12.0453 0580 IPNAT - ok 10:35:12.0469 0580 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 10:35:12.0469 0580 IRENUM - ok 10:35:12.0484 0580 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 10:35:12.0500 0580 isapnp - ok 10:35:12.0516 0580 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 10:35:12.0516 0580 iScsiPrt - ok 10:35:12.0547 0580 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 10:35:12.0547 0580 kbdclass - ok 10:35:12.0562 0580 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 10:35:12.0562 0580 kbdhid - ok 10:35:12.0578 0580 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 10:35:12.0594 0580 kbfiltr - ok 10:35:12.0609 0580 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 10:35:12.0609 0580 KSecDD - ok 10:35:12.0640 0580 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 10:35:12.0640 0580 KSecPkg - ok 10:35:12.0656 0580 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 10:35:12.0656 0580 ksthunk - ok 10:35:12.0687 0580 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys 10:35:12.0687 0580 L1C - ok 10:35:12.0718 0580 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 10:35:12.0718 0580 lltdio - ok 10:35:12.0750 0580 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 10:35:12.0750 0580 LSI_FC - ok 10:35:12.0765 0580 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 10:35:12.0781 0580 LSI_SAS - ok 10:35:12.0796 0580 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 10:35:12.0796 0580 LSI_SAS2 - ok 10:35:12.0812 0580 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 10:35:12.0828 0580 LSI_SCSI - ok 10:35:12.0843 0580 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 10:35:12.0843 0580 luafv - ok 10:35:12.0874 0580 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 10:35:12.0874 0580 megasas - ok 10:35:12.0890 0580 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 10:35:12.0906 0580 MegaSR - ok 10:35:12.0921 0580 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys 10:35:12.0921 0580 MEIx64 - ok 10:35:12.0952 0580 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 10:35:12.0952 0580 Modem - ok 10:35:12.0968 0580 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 10:35:12.0968 0580 monitor - ok 10:35:12.0984 0580 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 10:35:12.0984 0580 mouclass - ok 10:35:13.0015 0580 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 10:35:13.0015 0580 mouhid - ok 10:35:13.0030 0580 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 10:35:13.0030 0580 mountmgr - ok 10:35:13.0062 0580 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 10:35:13.0062 0580 mpio - ok 10:35:13.0077 0580 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 10:35:13.0077 0580 mpsdrv - ok 10:35:13.0108 0580 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 10:35:13.0108 0580 MRxDAV - ok 10:35:13.0124 0580 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 10:35:13.0124 0580 mrxsmb - ok 10:35:13.0155 0580 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:35:13.0155 0580 mrxsmb10 - ok 10:35:13.0186 0580 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:35:13.0186 0580 mrxsmb20 - ok 10:35:13.0202 0580 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 10:35:13.0202 0580 msahci - ok 10:35:13.0218 0580 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 10:35:13.0233 0580 msdsm - ok 10:35:13.0264 0580 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 10:35:13.0264 0580 Msfs - ok 10:35:13.0280 0580 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 10:35:13.0280 0580 mshidkmdf - ok 10:35:13.0296 0580 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 10:35:13.0296 0580 msisadrv - ok 10:35:13.0327 0580 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 10:35:13.0327 0580 MSKSSRV - ok 10:35:13.0342 0580 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 10:35:13.0358 0580 MSPCLOCK - ok 10:35:13.0374 0580 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 10:35:13.0374 0580 MSPQM - ok 10:35:13.0405 0580 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 10:35:13.0405 0580 MsRPC - ok 10:35:13.0436 0580 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 10:35:13.0436 0580 mssmbios - ok 10:35:13.0452 0580 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 10:35:13.0452 0580 MSTEE - ok 10:35:13.0467 0580 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 10:35:13.0467 0580 MTConfig - ok 10:35:13.0498 0580 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 10:35:13.0498 0580 Mup - ok 10:35:13.0514 0580 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 10:35:13.0530 0580 NativeWifiP - ok 10:35:13.0545 0580 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120218.008\ENG64.SYS 10:35:13.0545 0580 NAVENG - ok 10:35:13.0576 0580 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120218.008\EX64.SYS 10:35:13.0592 0580 NAVEX15 - ok 10:35:13.0639 0580 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 10:35:13.0654 0580 NDIS - ok 10:35:13.0670 0580 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 10:35:13.0670 0580 NdisCap - ok 10:35:13.0686 0580 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 10:35:13.0701 0580 NdisTapi - ok 10:35:13.0717 0580 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 10:35:13.0717 0580 Ndisuio - ok 10:35:13.0732 0580 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 10:35:13.0748 0580 NdisWan - ok 10:35:13.0764 0580 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 10:35:13.0764 0580 NDProxy - ok 10:35:13.0779 0580 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 10:35:13.0779 0580 NetBIOS - ok 10:35:13.0810 0580 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 10:35:13.0810 0580 NetBT - ok 10:35:13.0857 0580 netr28x (f1814e62eb6e50472afc9903525ecec1) C:\Windows\system32\DRIVERS\netr28x.sys 10:35:13.0873 0580 netr28x - ok 10:35:13.0888 0580 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 10:35:13.0904 0580 nfrd960 - ok 10:35:13.0920 0580 nmwcd (903681bab213d5f84717c0fc42afb28a) C:\Windows\system32\drivers\ccdcmbx64.sys 10:35:13.0920 0580 nmwcd - ok 10:35:13.0935 0580 nmwcdc (ec4c5ebd003e0395bf4ea5a2efd13ce6) C:\Windows\system32\drivers\ccdcmbox64.sys 10:35:13.0951 0580 nmwcdc - ok 10:35:13.0966 0580 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 10:35:13.0966 0580 Npfs - ok 10:35:13.0982 0580 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 10:35:13.0998 0580 nsiproxy - ok 10:35:14.0044 0580 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 10:35:14.0060 0580 Ntfs - ok 10:35:14.0076 0580 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 10:35:14.0076 0580 Null - ok 10:35:14.0278 0580 nvlddmkm (41a7c6ed2bab4c304633b785c884a912) C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:35:14.0388 0580 nvlddmkm - ok 10:35:14.0419 0580 nvpciflt (d542153cb23459b8aad88cf17e36b670) C:\Windows\system32\DRIVERS\nvpciflt.sys 10:35:14.0419 0580 nvpciflt - ok 10:35:14.0434 0580 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 10:35:14.0434 0580 nvraid - ok 10:35:14.0466 0580 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 10:35:14.0466 0580 nvstor - ok 10:35:14.0497 0580 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 10:35:14.0497 0580 nv_agp - ok 10:35:14.0528 0580 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 10:35:14.0528 0580 ohci1394 - ok 10:35:14.0559 0580 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 10:35:14.0559 0580 Parport - ok 10:35:14.0575 0580 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 10:35:14.0575 0580 partmgr - ok 10:35:14.0606 0580 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 10:35:14.0606 0580 pci - ok 10:35:14.0622 0580 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 10:35:14.0622 0580 pciide - ok 10:35:14.0653 0580 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 10:35:14.0653 0580 pcmcia - ok 10:35:14.0668 0580 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 10:35:14.0668 0580 pcw - ok 10:35:14.0700 0580 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 10:35:14.0715 0580 PEAUTH - ok 10:35:14.0778 0580 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 10:35:14.0778 0580 PptpMiniport - ok 10:35:14.0793 0580 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 10:35:14.0793 0580 Processor - ok 10:35:14.0824 0580 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 10:35:14.0824 0580 Psched - ok 10:35:14.0871 0580 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 10:35:14.0887 0580 ql2300 - ok 10:35:14.0918 0580 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 10:35:14.0918 0580 ql40xx - ok 10:35:14.0934 0580 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 10:35:14.0949 0580 QWAVEdrv - ok 10:35:14.0965 0580 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 10:35:14.0965 0580 RasAcd - ok 10:35:14.0980 0580 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 10:35:14.0980 0580 RasAgileVpn - ok 10:35:15.0012 0580 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 10:35:15.0012 0580 Rasl2tp - ok 10:35:15.0043 0580 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 10:35:15.0043 0580 RasPppoe - ok 10:35:15.0058 0580 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 10:35:15.0058 0580 RasSstp - ok 10:35:15.0090 0580 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 10:35:15.0090 0580 rdbss - ok 10:35:15.0105 0580 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 10:35:15.0121 0580 rdpbus - ok 10:35:15.0136 0580 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 10:35:15.0136 0580 RDPCDD - ok 10:35:15.0152 0580 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 10:35:15.0152 0580 RDPENCDD - ok 10:35:15.0183 0580 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 10:35:15.0183 0580 RDPREFMP - ok 10:35:15.0214 0580 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 10:35:15.0214 0580 RDPWD - ok 10:35:15.0246 0580 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 10:35:15.0246 0580 rdyboost - ok 10:35:15.0277 0580 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 10:35:15.0277 0580 rspndr - ok 10:35:15.0308 0580 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 10:35:15.0308 0580 sbp2port - ok 10:35:15.0339 0580 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 10:35:15.0339 0580 scfilter - ok 10:35:15.0370 0580 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 10:35:15.0370 0580 secdrv - ok 10:35:15.0402 0580 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 10:35:15.0402 0580 Serenum - ok 10:35:15.0417 0580 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 10:35:15.0417 0580 Serial - ok 10:35:15.0448 0580 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 10:35:15.0448 0580 sermouse - ok 10:35:15.0480 0580 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 10:35:15.0480 0580 sffdisk - ok 10:35:15.0495 0580 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 10:35:15.0511 0580 sffp_mmc - ok 10:35:15.0526 0580 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 10:35:15.0526 0580 sffp_sd - ok 10:35:15.0542 0580 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 10:35:15.0542 0580 sfloppy - ok 10:35:15.0573 0580 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 10:35:15.0573 0580 SiSRaid2 - ok 10:35:15.0604 0580 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 10:35:15.0604 0580 SiSRaid4 - ok 10:35:15.0620 0580 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 10:35:15.0620 0580 Smb - ok 10:35:15.0651 0580 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 10:35:15.0651 0580 spldr - ok 10:35:15.0698 0580 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SRTSP64.SYS 10:35:15.0714 0580 SRTSP - ok 10:35:15.0729 0580 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NAVx64\1207000.00D\SRTSPX64.SYS 10:35:15.0729 0580 SRTSPX - ok 10:35:15.0760 0580 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 10:35:15.0760 0580 srv - ok 10:35:15.0792 0580 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 10:35:15.0807 0580 srv2 - ok 10:35:15.0823 0580 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 10:35:15.0823 0580 srvnet - ok 10:35:15.0854 0580 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 10:35:15.0854 0580 stexstor - ok 10:35:15.0885 0580 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 10:35:15.0885 0580 swenum - ok 10:35:15.0916 0580 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMDS64.SYS 10:35:15.0916 0580 SymDS - ok 10:35:15.0948 0580 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMEFA64.SYS 10:35:15.0963 0580 SymEFA - ok 10:35:15.0994 0580 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 10:35:15.0994 0580 SymEvent - ok 10:35:16.0010 0580 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NAVx64\1207000.00D\Ironx64.SYS 10:35:16.0010 0580 SymIRON - ok 10:35:16.0041 0580 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SYMNETS.SYS 10:35:16.0041 0580 SymNetS - ok 10:35:16.0104 0580 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 10:35:16.0135 0580 Tcpip - ok 10:35:16.0182 0580 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 10:35:16.0197 0580 TCPIP6 - ok 10:35:16.0228 0580 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 10:35:16.0228 0580 tcpipreg - ok 10:35:16.0244 0580 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 10:35:16.0244 0580 TDPIPE - ok 10:35:16.0275 0580 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 10:35:16.0275 0580 TDTCP - ok 10:35:16.0291 0580 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 10:35:16.0291 0580 tdx - ok 10:35:16.0322 0580 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 10:35:16.0322 0580 TermDD - ok 10:35:16.0353 0580 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:35:16.0369 0580 tssecsrv - ok 10:35:16.0384 0580 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 10:35:16.0384 0580 TsUsbFlt - ok 10:35:16.0400 0580 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 10:35:16.0400 0580 TsUsbGD - ok 10:35:16.0431 0580 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 10:35:16.0431 0580 tunnel - ok 10:35:16.0447 0580 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys 10:35:16.0447 0580 TurboB - ok 10:35:16.0478 0580 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 10:35:16.0478 0580 uagp35 - ok 10:35:16.0509 0580 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 10:35:16.0509 0580 udfs - ok 10:35:16.0540 0580 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 10:35:16.0540 0580 uliagpkx - ok 10:35:16.0572 0580 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 10:35:16.0572 0580 umbus - ok 10:35:16.0587 0580 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 10:35:16.0587 0580 UmPass - ok 10:35:16.0618 0580 upperdev (7168819f30fe9622284ea19bde7f8ab4) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 10:35:16.0618 0580 upperdev - ok 10:35:16.0634 0580 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 10:35:16.0650 0580 usbccgp - ok 10:35:16.0665 0580 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 10:35:16.0665 0580 usbcir - ok 10:35:16.0681 0580 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 10:35:16.0681 0580 usbehci - ok 10:35:16.0712 0580 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 10:35:16.0712 0580 usbhub - ok 10:35:16.0743 0580 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 10:35:16.0743 0580 usbohci - ok 10:35:16.0759 0580 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 10:35:16.0759 0580 usbprint - ok 10:35:16.0790 0580 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 10:35:16.0790 0580 usbscan - ok 10:35:16.0806 0580 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys 10:35:16.0806 0580 usbser - ok 10:35:16.0837 0580 UsbserFilt (66c25cb20b2974e0c0cfdab49fb72a02) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 10:35:16.0837 0580 UsbserFilt - ok 10:35:16.0868 0580 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:35:16.0868 0580 USBSTOR - ok 10:35:16.0884 0580 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 10:35:16.0884 0580 usbuhci - ok 10:35:16.0915 0580 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 10:35:16.0915 0580 usbvideo - ok 10:35:16.0946 0580 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 10:35:16.0946 0580 vdrvroot - ok 10:35:16.0977 0580 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 10:35:16.0977 0580 vga - ok 10:35:16.0993 0580 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 10:35:16.0993 0580 VgaSave - ok 10:35:17.0024 0580 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 10:35:17.0024 0580 vhdmp - ok 10:35:17.0040 0580 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 10:35:17.0055 0580 viaide - ok 10:35:17.0071 0580 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 10:35:17.0071 0580 volmgr - ok 10:35:17.0102 0580 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 10:35:17.0102 0580 volmgrx - ok 10:35:17.0118 0580 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 10:35:17.0133 0580 volsnap - ok 10:35:17.0149 0580 vpnva (13e6d95e7ac67abb7a1196557ef8849f) C:\Windows\system32\DRIVERS\vpnva64.sys 10:35:17.0149 0580 vpnva - ok 10:35:17.0180 0580 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 10:35:17.0180 0580 vsmraid - ok 10:35:17.0211 0580 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 10:35:17.0211 0580 vwifibus - ok 10:35:17.0227 0580 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 10:35:17.0227 0580 vwififlt - ok 10:35:17.0258 0580 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 10:35:17.0258 0580 WacomPen - ok 10:35:17.0274 0580 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 10:35:17.0289 0580 WANARP - ok 10:35:17.0289 0580 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 10:35:17.0289 0580 Wanarpv6 - ok 10:35:17.0336 0580 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 10:35:17.0336 0580 Wd - ok 10:35:17.0367 0580 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 10:35:17.0383 0580 Wdf01000 - ok 10:35:17.0414 0580 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 10:35:17.0414 0580 WfpLwf - ok 10:35:17.0445 0580 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 10:35:17.0445 0580 WIMMount - ok 10:35:17.0508 0580 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 10:35:17.0508 0580 WinUsb - ok 10:35:17.0539 0580 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 10:35:17.0539 0580 WmiAcpi - ok 10:35:17.0601 0580 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 10:35:17.0601 0580 ws2ifsl - ok 10:35:17.0632 0580 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 10:35:17.0632 0580 WudfPf - ok 10:35:17.0664 0580 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:35:17.0664 0580 WUDFRd - ok 10:35:17.0695 0580 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 10:35:17.0695 0580 \Device\Harddisk0\DR0 - ok 10:35:17.0695 0580 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 10:35:17.0710 0580 \Device\Harddisk1\DR1 - ok 10:35:17.0710 0580 Boot (0x1200) (8397d6020769503b6b53e88ec47f6c5b) \Device\Harddisk0\DR0\Partition0 10:35:17.0710 0580 \Device\Harddisk0\DR0\Partition0 - ok 10:35:17.0710 0580 Boot (0x1200) (7e62f336deccaac28ba254f13d0681ae) \Device\Harddisk1\DR1\Partition0 10:35:17.0726 0580 \Device\Harddisk1\DR1\Partition0 - ok 10:35:17.0726 0580 Boot (0x1200) (db063aff02223b25eda0d2e46ce2b8f6) \Device\Harddisk1\DR1\Partition1 10:35:17.0726 0580 \Device\Harddisk1\DR1\Partition1 - ok 10:35:17.0726 0580 ============================================================ 10:35:17.0726 0580 Scan finished 10:35:17.0726 0580 ============================================================ 10:35:17.0742 2748 Detected object count: 0 10:35:17.0742 2748 Actual detected object count: 0 10:35:21.0673 2112 ============================================================ 10:35:21.0673 2112 Scan started 10:35:21.0673 2112 Mode: Manual; 10:35:21.0673 2112 ============================================================ 10:35:21.0798 2112 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 10:35:21.0798 2112 1394ohci - ok 10:35:21.0813 2112 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 10:35:21.0829 2112 ACPI - ok 10:35:21.0844 2112 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 10:35:21.0844 2112 AcpiPmi - ok 10:35:21.0876 2112 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 10:35:21.0876 2112 adp94xx - ok 10:35:21.0907 2112 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 10:35:21.0907 2112 adpahci - ok 10:35:21.0938 2112 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 10:35:21.0938 2112 adpu320 - ok 10:35:21.0969 2112 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 10:35:21.0985 2112 AFD - ok 10:35:22.0000 2112 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 10:35:22.0000 2112 agp440 - ok 10:35:22.0016 2112 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 10:35:22.0016 2112 aliide - ok 10:35:22.0047 2112 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 10:35:22.0047 2112 amdide - ok 10:35:22.0063 2112 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 10:35:22.0078 2112 AmdK8 - ok 10:35:22.0094 2112 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 10:35:22.0094 2112 AmdPPM - ok 10:35:22.0110 2112 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 10:35:22.0110 2112 amdsata - ok 10:35:22.0141 2112 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 10:35:22.0141 2112 amdsbs - ok 10:35:22.0156 2112 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 10:35:22.0156 2112 amdxata - ok 10:35:22.0172 2112 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 10:35:22.0172 2112 AppID - ok 10:35:22.0219 2112 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 10:35:22.0219 2112 arc - ok 10:35:22.0234 2112 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 10:35:22.0234 2112 arcsas - ok 10:35:22.0250 2112 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 10:35:22.0250 2112 ASMMAP64 - ok 10:35:22.0281 2112 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 10:35:22.0281 2112 AsyncMac - ok 10:35:22.0297 2112 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 10:35:22.0297 2112 atapi - ok 10:35:22.0312 2112 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 10:35:22.0312 2112 ATKWMIACPIIO - ok 10:35:22.0344 2112 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 10:35:22.0359 2112 b06bdrv - ok 10:35:22.0375 2112 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 10:35:22.0375 2112 b57nd60a - ok 10:35:22.0406 2112 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 10:35:22.0406 2112 Beep - ok 10:35:22.0437 2112 BHDrvx64 (1d757a7e020c577c4259a755f21b7152) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys 10:35:22.0437 2112 BHDrvx64 - ok 10:35:22.0468 2112 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 10:35:22.0468 2112 blbdrive - ok 10:35:22.0500 2112 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 10:35:22.0500 2112 bowser - ok 10:35:22.0515 2112 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 10:35:22.0515 2112 BrFiltLo - ok 10:35:22.0531 2112 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 10:35:22.0546 2112 BrFiltUp - ok 10:35:22.0578 2112 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 10:35:22.0578 2112 BridgeMP - ok 10:35:22.0609 2112 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 10:35:22.0609 2112 Brserid - ok 10:35:22.0624 2112 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 10:35:22.0624 2112 BrSerWdm - ok 10:35:22.0656 2112 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 10:35:22.0656 2112 BrUsbMdm - ok 10:35:22.0671 2112 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 10:35:22.0671 2112 BrUsbSer - ok 10:35:22.0687 2112 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 10:35:22.0687 2112 BTHMODEM - ok 10:35:22.0702 2112 catchme - ok 10:35:22.0734 2112 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 10:35:22.0734 2112 cdfs - ok 10:35:22.0749 2112 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 10:35:22.0749 2112 cdrom - ok 10:35:22.0780 2112 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 10:35:22.0780 2112 circlass - ok 10:35:22.0796 2112 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 10:35:22.0812 2112 CLFS - ok 10:35:22.0843 2112 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 10:35:22.0843 2112 CmBatt - ok 10:35:22.0858 2112 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 10:35:22.0858 2112 cmdide - ok 10:35:22.0905 2112 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 10:35:22.0905 2112 CNG - ok 10:35:22.0921 2112 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 10:35:22.0921 2112 Compbatt - ok 10:35:22.0952 2112 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 10:35:22.0952 2112 CompositeBus - ok 10:35:22.0983 2112 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 10:35:22.0983 2112 crcdisk - ok 10:35:23.0030 2112 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys 10:35:23.0030 2112 CVirtA - ok 10:35:23.0061 2112 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys 10:35:23.0077 2112 CVPNDRVA - ok 10:35:23.0108 2112 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 10:35:23.0108 2112 DfsC - ok 10:35:23.0124 2112 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 10:35:23.0124 2112 discache - ok 10:35:23.0155 2112 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 10:35:23.0155 2112 Disk - ok 10:35:23.0186 2112 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys 10:35:23.0186 2112 DNE - ok 10:35:23.0217 2112 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 10:35:23.0217 2112 drmkaud - ok 10:35:23.0264 2112 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 10:35:23.0264 2112 DXGKrnl - ok 10:35:23.0326 2112 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 10:35:23.0358 2112 ebdrv - ok 10:35:23.0373 2112 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 10:35:23.0389 2112 eeCtrl - ok 10:35:23.0436 2112 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 10:35:23.0436 2112 elxstor - ok 10:35:23.0451 2112 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 10:35:23.0451 2112 EraserUtilRebootDrv - ok 10:35:23.0467 2112 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 10:35:23.0467 2112 ErrDev - ok 10:35:23.0514 2112 ETD (5b042aa9cebdab5b61e747ddcebff51b) C:\Windows\system32\DRIVERS\ETD.sys 10:35:23.0514 2112 ETD - ok 10:35:23.0529 2112 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 10:35:23.0545 2112 exfat - ok 10:35:23.0560 2112 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 10:35:23.0560 2112 fastfat - ok 10:35:23.0576 2112 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 10:35:23.0592 2112 fdc - ok 10:35:23.0607 2112 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 10:35:23.0607 2112 FileInfo - ok 10:35:23.0638 2112 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 10:35:23.0638 2112 Filetrace - ok 10:35:23.0654 2112 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 10:35:23.0654 2112 flpydisk - ok 10:35:23.0670 2112 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 10:35:23.0685 2112 FltMgr - ok 10:35:23.0701 2112 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 10:35:23.0701 2112 FsDepends - ok 10:35:23.0732 2112 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 10:35:23.0732 2112 Fs_Rec - ok 10:35:23.0748 2112 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 10:35:23.0748 2112 fvevol - ok 10:35:23.0763 2112 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 10:35:23.0779 2112 gagp30kx - ok 10:35:23.0794 2112 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 10:35:23.0794 2112 hcw85cir - ok 10:35:23.0826 2112 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 10:35:23.0826 2112 HdAudAddService - ok 10:35:23.0841 2112 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 10:35:23.0841 2112 HDAudBus - ok 10:35:23.0857 2112 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 10:35:23.0872 2112 HidBatt - ok 10:35:23.0888 2112 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 10:35:23.0888 2112 HidBth - ok 10:35:23.0904 2112 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 10:35:23.0904 2112 HidIr - ok 10:35:23.0935 2112 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 10:35:23.0935 2112 HidUsb - ok 10:35:23.0966 2112 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 10:35:23.0966 2112 HpSAMD - ok 10:35:23.0997 2112 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 10:35:23.0997 2112 HTTP - ok 10:35:24.0028 2112 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 10:35:24.0028 2112 hwpolicy - ok 10:35:24.0044 2112 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 10:35:24.0044 2112 i8042prt - ok 10:35:24.0075 2112 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys 10:35:24.0075 2112 iaStor - ok 10:35:24.0106 2112 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 10:35:24.0106 2112 iaStorV - ok 10:35:24.0122 2112 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120217.003\IDSvia64.sys 10:35:24.0138 2112 IDSVia64 - ok 10:35:24.0309 2112 igfx (795c99dc4f574c97c03d0bb39cf099ee) C:\Windows\system32\DRIVERS\igdkmd64.sys 10:35:24.0418 2112 igfx - ok 10:35:24.0434 2112 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 10:35:24.0434 2112 iirsp - ok 10:35:24.0496 2112 IntcAzAudAddService (72a253efca059d8cf303371255624890) C:\Windows\system32\drivers\RTKVHD64.sys 10:35:24.0528 2112 IntcAzAudAddService - ok 10:35:24.0543 2112 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 10:35:24.0559 2112 IntcDAud - ok 10:35:24.0574 2112 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 10:35:24.0574 2112 intelide - ok 10:35:24.0590 2112 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 10:35:24.0590 2112 intelppm - ok 10:35:24.0621 2112 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:35:24.0621 2112 IpFilterDriver - ok 10:35:24.0637 2112 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 10:35:24.0637 2112 IPMIDRV - ok 10:35:24.0668 2112 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 10:35:24.0668 2112 IPNAT - ok 10:35:24.0684 2112 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 10:35:24.0684 2112 IRENUM - ok 10:35:24.0699 2112 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 10:35:24.0699 2112 isapnp - ok 10:35:24.0730 2112 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 10:35:24.0730 2112 iScsiPrt - ok 10:35:24.0746 2112 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 10:35:24.0746 2112 kbdclass - ok 10:35:24.0777 2112 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 10:35:24.0777 2112 kbdhid - ok 10:35:24.0793 2112 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 10:35:24.0793 2112 kbfiltr - ok 10:35:24.0824 2112 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 10:35:24.0824 2112 KSecDD - ok 10:35:24.0840 2112 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 10:35:24.0840 2112 KSecPkg - ok 10:35:24.0855 2112 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 10:35:24.0871 2112 ksthunk - ok 10:35:24.0886 2112 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys 10:35:24.0886 2112 L1C - ok 10:35:24.0918 2112 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 10:35:24.0918 2112 lltdio - ok 10:35:24.0949 2112 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 10:35:24.0949 2112 LSI_FC - ok 10:35:24.0964 2112 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 10:35:24.0980 2112 LSI_SAS - ok 10:35:24.0996 2112 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 10:35:24.0996 2112 LSI_SAS2 - ok 10:35:25.0011 2112 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 10:35:25.0011 2112 LSI_SCSI - ok 10:35:25.0042 2112 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 10:35:25.0042 2112 luafv - ok 10:35:25.0058 2112 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 10:35:25.0058 2112 megasas - ok 10:35:25.0089 2112 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 10:35:25.0089 2112 MegaSR - ok 10:35:25.0105 2112 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys 10:35:25.0105 2112 MEIx64 - ok 10:35:25.0136 2112 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 10:35:25.0136 2112 Modem - ok 10:35:25.0152 2112 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 10:35:25.0152 2112 monitor - ok 10:35:25.0167 2112 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 10:35:25.0167 2112 mouclass - ok 10:35:25.0198 2112 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 10:35:25.0198 2112 mouhid - ok 10:35:25.0214 2112 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 10:35:25.0214 2112 mountmgr - ok 10:35:25.0245 2112 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 10:35:25.0245 2112 mpio - ok 10:35:25.0261 2112 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 10:35:25.0261 2112 mpsdrv - ok 10:35:25.0292 2112 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 10:35:25.0292 2112 MRxDAV - ok 10:35:25.0308 2112 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 10:35:25.0308 2112 mrxsmb - ok 10:35:25.0339 2112 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:35:25.0339 2112 mrxsmb10 - ok 10:35:25.0354 2112 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:35:25.0354 2112 mrxsmb20 - ok 10:35:25.0370 2112 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 10:35:25.0386 2112 msahci - ok 10:35:25.0401 2112 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 10:35:25.0401 2112 msdsm - ok 10:35:25.0432 2112 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 10:35:25.0432 2112 Msfs - ok 10:35:25.0448 2112 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 10:35:25.0464 2112 mshidkmdf - ok 10:35:25.0479 2112 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 10:35:25.0479 2112 msisadrv - ok 10:35:25.0495 2112 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 10:35:25.0510 2112 MSKSSRV - ok 10:35:25.0526 2112 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 10:35:25.0526 2112 MSPCLOCK - ok 10:35:25.0542 2112 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 10:35:25.0542 2112 MSPQM - ok 10:35:25.0573 2112 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 10:35:25.0573 2112 MsRPC - ok 10:35:25.0604 2112 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 10:35:25.0604 2112 mssmbios - ok 10:35:25.0620 2112 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 10:35:25.0620 2112 MSTEE - ok 10:35:25.0635 2112 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 10:35:25.0635 2112 MTConfig - ok 10:35:25.0666 2112 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 10:35:25.0666 2112 Mup - ok 10:35:25.0682 2112 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 10:35:25.0698 2112 NativeWifiP - ok 10:35:25.0698 2112 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120218.008\ENG64.SYS 10:35:25.0698 2112 NAVENG - ok 10:35:25.0744 2112 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120218.008\EX64.SYS 10:35:25.0760 2112 NAVEX15 - ok 10:35:25.0791 2112 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 10:35:25.0807 2112 NDIS - ok 10:35:25.0822 2112 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 10:35:25.0822 2112 NdisCap - ok 10:35:25.0854 2112 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 10:35:25.0854 2112 NdisTapi - ok 10:35:25.0869 2112 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 10:35:25.0869 2112 Ndisuio - ok 10:35:25.0885 2112 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 10:35:25.0900 2112 NdisWan - ok 10:35:25.0916 2112 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 10:35:25.0916 2112 NDProxy - ok 10:35:25.0932 2112 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 10:35:25.0932 2112 NetBIOS - ok 10:35:25.0963 2112 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 10:35:25.0963 2112 NetBT - ok 10:35:26.0010 2112 netr28x (f1814e62eb6e50472afc9903525ecec1) C:\Windows\system32\DRIVERS\netr28x.sys 10:35:26.0025 2112 netr28x - ok 10:35:26.0041 2112 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 10:35:26.0056 2112 nfrd960 - ok 10:35:26.0072 2112 nmwcd (903681bab213d5f84717c0fc42afb28a) C:\Windows\system32\drivers\ccdcmbx64.sys 10:35:26.0072 2112 nmwcd - ok 10:35:26.0088 2112 nmwcdc (ec4c5ebd003e0395bf4ea5a2efd13ce6) C:\Windows\system32\drivers\ccdcmbox64.sys 10:35:26.0088 2112 nmwcdc - ok 10:35:26.0119 2112 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 10:35:26.0119 2112 Npfs - ok 10:35:26.0134 2112 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 10:35:26.0134 2112 nsiproxy - ok 10:35:26.0181 2112 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 10:35:26.0197 2112 Ntfs - ok 10:35:26.0228 2112 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 10:35:26.0228 2112 Null - ok 10:35:26.0415 2112 nvlddmkm (41a7c6ed2bab4c304633b785c884a912) C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:35:26.0524 2112 nvlddmkm - ok 10:35:26.0556 2112 nvpciflt (d542153cb23459b8aad88cf17e36b670) C:\Windows\system32\DRIVERS\nvpciflt.sys 10:35:26.0556 2112 nvpciflt - ok 10:35:26.0571 2112 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 10:35:26.0587 2112 nvraid - ok 10:35:26.0602 2112 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 10:35:26.0602 2112 nvstor - ok 10:35:26.0634 2112 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 10:35:26.0634 2112 nv_agp - ok 10:35:26.0649 2112 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 10:35:26.0649 2112 ohci1394 - ok 10:35:26.0680 2112 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 10:35:26.0680 2112 Parport - ok 10:35:26.0712 2112 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 10:35:26.0712 2112 partmgr - ok 10:35:26.0727 2112 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 10:35:26.0727 2112 pci - ok 10:35:26.0758 2112 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 10:35:26.0758 2112 pciide - ok 10:35:26.0774 2112 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 10:35:26.0774 2112 pcmcia - ok 10:35:26.0805 2112 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 10:35:26.0805 2112 pcw - ok 10:35:26.0821 2112 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 10:35:26.0836 2112 PEAUTH - ok 10:35:26.0899 2112 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 10:35:26.0899 2112 PptpMiniport - ok 10:35:26.0914 2112 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 10:35:26.0914 2112 Processor - ok 10:35:26.0946 2112 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 10:35:26.0946 2112 Psched - ok 10:35:26.0992 2112 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 10:35:27.0008 2112 ql2300 - ok 10:35:27.0024 2112 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 10:35:27.0039 2112 ql40xx - ok 10:35:27.0055 2112 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 10:35:27.0055 2112 QWAVEdrv - ok 10:35:27.0070 2112 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 10:35:27.0070 2112 RasAcd - ok 10:35:27.0102 2112 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 10:35:27.0102 2112 RasAgileVpn - ok 10:35:27.0117 2112 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 10:35:27.0133 2112 Rasl2tp - ok 10:35:27.0148 2112 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 10:35:27.0148 2112 RasPppoe - ok 10:35:27.0164 2112 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 10:35:27.0180 2112 RasSstp - ok 10:35:27.0195 2112 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 10:35:27.0195 2112 rdbss - ok 10:35:27.0226 2112 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 10:35:27.0226 2112 rdpbus - ok 10:35:27.0242 2112 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 10:35:27.0242 2112 RDPCDD - ok 10:35:27.0273 2112 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 10:35:27.0273 2112 RDPENCDD - ok 10:35:27.0289 2112 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 10:35:27.0289 2112 RDPREFMP - ok 10:35:27.0320 2112 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 10:35:27.0320 2112 RDPWD - ok 10:35:27.0351 2112 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 10:35:27.0351 2112 rdyboost - ok 10:35:27.0382 2112 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 10:35:27.0382 2112 rspndr - ok 10:35:27.0414 2112 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 10:35:27.0414 2112 sbp2port - ok 10:35:27.0429 2112 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 10:35:27.0429 2112 scfilter - ok 10:35:27.0460 2112 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 10:35:27.0460 2112 secdrv - ok 10:35:27.0492 2112 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 10:35:27.0492 2112 Serenum - ok 10:35:27.0523 2112 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 10:35:27.0523 2112 Serial - ok 10:35:27.0538 2112 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 10:35:27.0538 2112 sermouse - ok 10:35:27.0570 2112 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 10:35:27.0570 2112 sffdisk - ok 10:35:27.0585 2112 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 10:35:27.0585 2112 sffp_mmc - ok 10:35:27.0616 2112 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 10:35:27.0616 2112 sffp_sd - ok 10:35:27.0632 2112 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 10:35:27.0632 2112 sfloppy - ok 10:35:27.0663 2112 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 10:35:27.0663 2112 SiSRaid2 - ok 10:35:27.0679 2112 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 10:35:27.0679 2112 SiSRaid4 - ok 10:35:27.0694 2112 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 10:35:27.0710 2112 Smb - ok 10:35:27.0726 2112 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 10:35:27.0726 2112 spldr - ok 10:35:27.0772 2112 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SRTSP64.SYS 10:35:27.0788 2112 SRTSP - ok 10:35:27.0804 2112 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NAVx64\1207000.00D\SRTSPX64.SYS 10:35:27.0804 2112 SRTSPX - ok 10:35:27.0835 2112 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 10:35:27.0835 2112 srv - ok 10:35:27.0866 2112 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 10:35:27.0866 2112 srv2 - ok 10:35:27.0897 2112 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 10:35:27.0897 2112 srvnet - ok 10:35:27.0913 2112 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 10:35:27.0928 2112 stexstor - ok 10:35:27.0944 2112 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 10:35:27.0944 2112 swenum - ok 10:35:27.0975 2112 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMDS64.SYS 10:35:27.0991 2112 SymDS - ok 10:35:28.0022 2112 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NAVx64\1207000.00D\SYMEFA64.SYS 10:35:28.0022 2112 SymEFA - ok 10:35:28.0053 2112 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 10:35:28.0053 2112 SymEvent - ok 10:35:28.0084 2112 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NAVx64\1207000.00D\Ironx64.SYS 10:35:28.0084 2112 SymIRON - ok 10:35:28.0100 2112 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NAVx64\1207000.00D\SYMNETS.SYS 10:35:28.0116 2112 SymNetS - ok 10:35:28.0178 2112 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 10:35:28.0194 2112 Tcpip - ok 10:35:28.0240 2112 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 10:35:28.0256 2112 TCPIP6 - ok 10:35:28.0287 2112 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 10:35:28.0287 2112 tcpipreg - ok 10:35:28.0303 2112 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 10:35:28.0303 2112 TDPIPE - ok 10:35:28.0334 2112 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 10:35:28.0334 2112 TDTCP - ok 10:35:28.0350 2112 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 10:35:28.0350 2112 tdx - ok 10:35:28.0365 2112 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 10:35:28.0381 2112 TermDD - ok 10:35:28.0412 2112 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:35:28.0412 2112 tssecsrv - ok 10:35:28.0428 2112 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 10:35:28.0428 2112 TsUsbFlt - ok 10:35:28.0459 2112 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 10:35:28.0459 2112 TsUsbGD - ok 10:35:28.0474 2112 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 10:35:28.0474 2112 tunnel - ok 10:35:28.0506 2112 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys 10:35:28.0506 2112 TurboB - ok 10:35:28.0521 2112 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 10:35:28.0521 2112 uagp35 - ok 10:35:28.0552 2112 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 10:35:28.0552 2112 udfs - ok 10:35:28.0584 2112 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 10:35:28.0584 2112 uliagpkx - ok 10:35:28.0599 2112 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 10:35:28.0599 2112 umbus - ok 10:35:28.0630 2112 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 10:35:28.0630 2112 UmPass - ok 10:35:28.0662 2112 upperdev (7168819f30fe9622284ea19bde7f8ab4) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 10:35:28.0662 2112 upperdev - ok 10:35:28.0677 2112 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 10:35:28.0677 2112 usbccgp - ok 10:35:28.0693 2112 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 10:35:28.0708 2112 usbcir - ok 10:35:28.0724 2112 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 10:35:28.0724 2112 usbehci - ok 10:35:28.0755 2112 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 10:35:28.0755 2112 usbhub - ok 10:35:28.0771 2112 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 10:35:28.0771 2112 usbohci - ok 10:35:28.0802 2112 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 10:35:28.0802 2112 usbprint - ok 10:35:28.0818 2112 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 10:35:28.0818 2112 usbscan - ok 10:35:28.0833 2112 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys 10:35:28.0833 2112 usbser - ok 10:35:28.0864 2112 UsbserFilt (66c25cb20b2974e0c0cfdab49fb72a02) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 10:35:28.0864 2112 UsbserFilt - ok 10:35:28.0880 2112 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:35:28.0880 2112 USBSTOR - ok 10:35:28.0911 2112 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 10:35:28.0911 2112 usbuhci - ok 10:35:28.0927 2112 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 10:35:28.0927 2112 usbvideo - ok 10:35:28.0958 2112 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 10:35:28.0958 2112 vdrvroot - ok 10:35:28.0989 2112 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 10:35:28.0989 2112 vga - ok 10:35:29.0005 2112 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 10:35:29.0005 2112 VgaSave - ok 10:35:29.0036 2112 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 10:35:29.0036 2112 vhdmp - ok 10:35:29.0052 2112 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 10:35:29.0052 2112 viaide - ok 10:35:29.0067 2112 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 10:35:29.0083 2112 volmgr - ok 10:35:29.0098 2112 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 10:35:29.0098 2112 volmgrx - ok 10:35:29.0130 2112 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 10:35:29.0130 2112 volsnap - ok 10:35:29.0161 2112 vpnva (13e6d95e7ac67abb7a1196557ef8849f) C:\Windows\system32\DRIVERS\vpnva64.sys 10:35:29.0161 2112 vpnva - ok 10:35:29.0176 2112 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 10:35:29.0176 2112 vsmraid - ok 10:35:29.0208 2112 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 10:35:29.0208 2112 vwifibus - ok 10:35:29.0223 2112 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 10:35:29.0239 2112 vwififlt - ok 10:35:29.0254 2112 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 10:35:29.0254 2112 WacomPen - ok 10:35:29.0286 2112 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 10:35:29.0286 2112 WANARP - ok 10:35:29.0286 2112 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 10:35:29.0286 2112 Wanarpv6 - ok 10:35:29.0332 2112 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 10:35:29.0332 2112 Wd - ok 10:35:29.0364 2112 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 10:35:29.0364 2112 Wdf01000 - ok 10:35:29.0410 2112 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 10:35:29.0410 2112 WfpLwf - ok 10:35:29.0426 2112 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 10:35:29.0426 2112 WIMMount - ok 10:35:29.0473 2112 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 10:35:29.0473 2112 WinUsb - ok 10:35:29.0504 2112 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 10:35:29.0504 2112 WmiAcpi - ok 10:35:29.0535 2112 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 10:35:29.0535 2112 ws2ifsl - ok 10:35:29.0582 2112 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 10:35:29.0582 2112 WudfPf - ok 10:35:29.0598 2112 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:35:29.0598 2112 WUDFRd - ok 10:35:29.0629 2112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 10:35:29.0629 2112 \Device\Harddisk0\DR0 - ok 10:35:29.0644 2112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 10:35:29.0644 2112 \Device\Harddisk1\DR1 - ok 10:35:29.0644 2112 Boot (0x1200) (8397d6020769503b6b53e88ec47f6c5b) \Device\Harddisk0\DR0\Partition0 10:35:29.0644 2112 \Device\Harddisk0\DR0\Partition0 - ok 10:35:29.0660 2112 Boot (0x1200) (7e62f336deccaac28ba254f13d0681ae) \Device\Harddisk1\DR1\Partition0 10:35:29.0660 2112 \Device\Harddisk1\DR1\Partition0 - ok 10:35:29.0660 2112 Boot (0x1200) (db063aff02223b25eda0d2e46ce2b8f6) \Device\Harddisk1\DR1\Partition1 10:35:29.0660 2112 \Device\Harddisk1\DR1\Partition1 - ok 10:35:29.0660 2112 ============================================================ 10:35:29.0660 2112 Scan finished 10:35:29.0660 2112 ============================================================ 10:35:29.0676 1736 Detected object count: 0 10:35:29.0676 1736 Actual detected object count: 0 ---------- Post toegevoegd om 10:46 ---------- Vorige post was om 10:36 ---------- NortonAntivirus vindt nu nog maar 1 kritiek punt. (Trojan.ZeroAccess. ---------- Post toegevoegd om 10:46 ---------- Vorige post was om 10:46 ---------- NortonAntivirus vindt nu nog maar 1 kritiek punt. (Trojan.ZeroAccess.
-
Enig idee, hoe ik dit kan verwijderen? Alvast bedankt ! http://i39.tinypic.com/6tk3yw.jpg
-
Het is gelukt om Windows normaal op te starten. Hier is het verslag van combofix : ComboFix 12-02-19.02 - Asus 19/02/2012 21:42:50.1.4 - x64 NETWORK Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4008.3179 [GMT 1:00] Gestart vanuit: c:\users\Asus\Downloads\ComboFix.exe AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\StartSearch plugin c:\programdata\~4EhEyyyNycwRMt c:\programdata\~4EhEyyyNycwRMtr c:\programdata\4EhEyyyNycwRMt c:\programdata\4EhEyyyNycwRMt.exe c:\programdata\BHMmHjYKMAcfJ.exe c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk c:\users\Asus\Desktop\System Check.lnk c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\assembly\temp\@ c:\windows\assembly\temp\cfg.ini c:\windows\system32\consrv.dll c:\windows\System64 . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_AMService . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-19 to 2012-02-19 )))))))))))))))))))))))))))))) . . 2012-02-19 17:08 . 2012-02-19 17:08 -------- d-----w- c:\users\Asus\AppData\Roaming\Malwarebytes 2012-02-19 17:08 . 2012-02-19 17:08 -------- d-----w- c:\programdata\Malwarebytes 2012-02-19 17:08 . 2012-02-19 17:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-02-19 17:08 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-19 16:54 . 2012-02-19 16:54 -------- d-----w- c:\users\Asus\AppData\Local\ElevatedDiagnostics 2012-02-19 13:45 . 2012-02-19 13:45 -------- d--h--w- c:\users\Asus\AppData\Roaming\Tific 2012-02-19 13:45 . 2012-02-19 13:45 -------- d--h--w- c:\users\Asus\AppData\Local\Symantec 2012-02-19 13:43 . 2012-02-19 19:20 0 --sha-w- c:\windows\system32\dds_trash_log.cmd 2012-02-15 12:48 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-15 12:48 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-15 12:48 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-15 12:48 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-15 12:48 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-15 12:48 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-15 12:47 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-15 12:47 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-12 20:43 . 2012-02-12 20:43 -------- d-----w- c:\program files\Common Files\Deterministic Networks 2012-02-12 20:43 . 2012-02-12 20:43 -------- d-----w- c:\program files (x86)\Cisco Systems 2012-01-31 16:17 . 2012-02-10 07:32 -------- d-----w- c:\windows\system32\drivers\NAVx64\1207000.00D . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="c:\users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-19 137536] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-08 2009704] R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1207000.00D\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1207000.00D\SYMEFA64.SYS [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2011-12-01 1157240] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120217.003\IDSvia64.sys [2011-12-15 488568] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1207000.00D\Ironx64.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1207000.00D\SYMNETS.SYS [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416] S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe [2011-04-17 130008] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928] S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-09-22 645048] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 138360] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-02-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000Core.job - c:\users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 14:58] . 2012-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000UA.job - c:\users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 14:58] . 2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000Core.job - c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 09:54] . 2012-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2765547659-3389848668-315783056-1000UA.job - c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-02 09:54] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 2184520] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312] "combofix"="c:\combofix\CF1329.3XE" [2010-11-21 345088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs DLH5X npkcsvc ziptoa NsTrcNT serialkeys caisafe . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Block This Image (ABP) - c:\program files (x86)\Adblock Pro\blockimg.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {{878AC5FC-BE78-4bae-896C-7F75B790A71E} - c:\program files (x86)\PokerStars.BE\PokerStarsUpdate.exe TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}: NameServer = 8.8.8.8 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}\2494247456E647: NameServer = 8.8.8.8 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}\3596475636F6D6: NameServer = 8.8.8.8 TCP: Interfaces\{3C34F940-2DD1-4868-98C4-40A375ED08B5}\4554C454E4544584F4D4543505F445: NameServer = 8.8.8.8 FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\1oxb8gyd.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=2&src=sp&cf=706dfa9e-241a-11e1-b101-f46d042802ac&q= . - - - - ORPHANS VERWIJDERD - - - - . HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV] "ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe c:\program files (x86)\Norton AntiVirus\Engine\18.7.0.13\hsplayer.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-02-19 21:49:09 - machine werd herstart ComboFix-quarantined-files.txt 2012-02-19 20:49 . Pre-Run: 25.181.208.576 bytes beschikbaar Post-Run: 24.810.848.256 bytes beschikbaar . - - End Of File - - F7488AAB2F320B01BD109C5E464587B0
-
Ok zal ik nu doen. Maar ik kan mijn virusscanner niet tijdelijk uitzetten in Veilige modus. Als ik bij zoeken 'Norton' ingeef dan is er geen resultaat. Is het erg dat Norton nog aanstaat, ook al is Norton nergens te vinden op mijn computer in veilige modus.
-
Neen het is niet gelukt. Ik heb de computer afgesloten en bij het opstarten kwam er het scherm 'windows foutherstel'. Dan heb ik Windows normaal proberen opstarten maar dat lukt niet. Hij start op , windowsvlagje met windows start op wordt weergegeven en dan start hij opnieuw op..
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:14:14, on 19/02/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Asus\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Google Update] "C:\Users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files (x86)\Adblock Pro\blockimg.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3C34F940-2DD1-4868-98C4-40A375ED08B5}: NameServer = 8.8.8.8 O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMService - Provtech Limited - C:\Windows\TEMP\ddntjh\setup.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8809 bytes --------------------------------------------------------- Malwarebytes Anti-Malware 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.02.19.02 Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 9.0.8112.16421 Asus :: ASUS-PC [administrator] 19/02/2012 18:09:47 mbam-log-2012-02-19 (18-09-47).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 198038 Verstreken tijd: 1 minuut/minuten, 10 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 4 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Slecht: (SearchCompletion Search) Goed: (Google) -> Succesvol in quarantaine geplaatst en gerepareerd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Slecht: (SearchCompletion Search) Goed: (Google) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) ----------------
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:47:58, on 19/02/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Asus\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SearchCompletion Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = SearchCompletion Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [bHMmHjYKMAcfJ.exe] C:\ProgramData\BHMmHjYKMAcfJ.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files (x86)\Adblock Pro\blockimg.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Asus\Desktop\PartyPoker.lnk (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Asus\Desktop\PartyPoker.lnk (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3C34F940-2DD1-4868-98C4-40A375ED08B5}: NameServer = 8.8.8.8 O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMService - Provtech Limited - C:\Windows\TEMP\ddntjh\setup.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9504 bytes
-
Danku Eindelijk kunnen aanmelden in windows via veilige modus Zou ik via die youtube-guide mijn virus kunnen verwijderen? Of raad je iets anders aan? Mvg en bedankt!
-
Volgens mij kan ik via deze guide mijn virus verwijderen. Nu moet ik nog kunnen aanmelden in windows.. iemand die weet hoe ik dit moet doen? MVG
-
Beste, Vandaag zat ik te surfen op mijn laptop toen er plots pop-ups verschenen met als tekst : delayed write failed. Direct erna heb ik mijn virusscanner laten scannen en die dedecteerde een trojan horse. Helaas moest ik die handmatig verwijderen via een removal tool van NortonAntiVirus die enkel werkt bij een 32-bit. Doordat ik een 64-bit(windows 7) heb is dit dus niet gelukt. Daarna heb ik mijn laptop uitgeschakeld. Bij het opstarten verscheen er een scherm 'windows foutherstel'. Bij dit scherm kan ik enkel kiezen tussen : 1. Opstartherstel starten (aanbevolen) 2. Windows normaal starten. Als ik 1. doe dan verschijnt er een popup van windows : 'Deze computer kan niet automatisch worden hersteld' . Als ik 2. doe dan start mijn pc opnieuw op en kom ik terug terecht bij 'windows foutherstel'. Ik kan dus niet meer terecht in Windows... Hopelijk kan iemand mij helpen want ik weet echt niet wat ik moet doen. Met vriendelijke groeten en alvast bedankt. Yannick
