dieter9080

Member
  • Items

    45

Everything posted by dieter9080

  1. I think this is what you want to see. Is that right?
  2. Hey all, I bought a portable external hard drive, a "LaCie Rugged Mini" (LaCie - LaCie Rugged Mini), to have a video recording of a dance performance put on it. The company that edited the video recording used this drive. Now I can no longer read it. I suspect the company configured it for Mac instead of Windows. I already got a tip from the cameraman: "You are not the only one sending me that question. An artist who had bought footage of his concert this summer asked me the same question. If you want to be able to read the HDD, you have to install MacDrive. It is a free program and lets you read Mac-formatted hard drives (http://download.cnet.com/MacDrive-Standard/3000-2248_4-10313024.html). If, however, you want to reuse the HDD and wipe everything, you have to format it to an MS-DOS or FAT32 format." However, I can't get this to work ... Can you help me further? What is on the drive may be deleted. Thanks in advance!!
  3. Hey Clarkie, everything is back to normal. Once again, thank you so much for your help. Super!
  4. I did indeed do that, but there was already a Windows 7 version on it, which however was not official and did not work correctly. This time I also did not have to enter the codes anywhere. Everything froze.
  5. Hey all, I wanted to completely reset a PC and install Windows 7. During the installation of Windows 7 it froze, and now when I start the PC I first get, on the blue Windows background, the message "STARTING SERVICES" and afterwards a white box containing the following message: "Your computer restarted unexpectedly or an unexpected error occurred ..... The installation cannot continue. Click OK to restart and install again." When you click OK, you get the message "the installation will continue after the PC has started". After that, the same messages every time. So I can go neither forward nor back. Can you help with this as well? I am in possession of an official Windows version. Thanks in advance.
  6. Hey Jion, everything seems to be OK. Thanks!! However, I have a second problem on another PC. I wanted to completely reset it and install Windows 7. During the installation of Windows 7 it froze, and now when I start the PC I first get, on the blue Windows background, the message "STARTING SERVICES" and afterwards a white box containing the following message: "Your computer restarted unexpectedly or an unexpected error occurred ..... The installation cannot continue. Click OK to restart and install again." When you click OK, you get the message "the installation will continue after the PC has started". After that, the same messages every time. So I can go neither forward nor back. Can you help with this as well? I am in possession of an official Windows version. Thanks in advance.
  7. Dear Jion, I have the impression that all problems are resolved. I want to thank you sincerely for the quick and accurate help. You guys are great! See you later!
  8. Attached is the log from Junkware Removal.
  9. AdwCleaner log file below.
user_pref("CT2269050.shouldFirstTimeDialog", "FALSE"); Line Deleted : user_pref("CT2269050.showToolbarPermission", "false"); Line Deleted : user_pref("CT2269050.smartbar.CTID", "CT2269050"); Line Deleted : user_pref("CT2269050.smartbar.Uninstall", "0"); Line Deleted : user_pref("CT2269050.smartbar.homepage", true); Line Deleted : user_pref("CT2269050.smartbar.toolbarName", "DVDVideoSoftTB "); Line Deleted : user_pref("CT2269050.toolbarBornServerTime", "21-10-2012"); Line Deleted : user_pref("CT2269050.toolbarCurrentServerTime", "29-6-2013"); Line Deleted : user_pref("CT2269050.toolbarLoginClientTime", "Tue Apr 23 2013 09:50:17 GMT+0200"); Line Deleted : user_pref("CT2269050.url_history0001.enc", "aHR0cDovL2ZyLndpa2lsb2MuY29tL3dpa2lsb2MvdXNlci5kbz9pZD00ODA3NjU6OjpjbGlja2hhbmRsZXI6OjoxMzU3NTczMzgxMDgwLCwsaHR0cDovL2ZyLndpa2lsb2MuY29tL3dpa2lsb2Mvdmlldy5k[...] Line Deleted : user_pref("CT2269050_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1372501876816,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"); Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "DVDVideoSoftTB Customized Web Search"); Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="); Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2269050"); Line Deleted : user_pref("browser.search.defaultenginename", "Search Results"); Line Deleted : user_pref("browser.search.order.1", "Search Results"); Line Deleted : user_pref("browser.search.selectedEngine", "DVDVideoSoftTB Customized Web Search"); Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"); Line Deleted : user_pref("extensions.enabledAddons", 
"plugin@yontoo.com:1.20.02,toolbar_MP3RV6@apn.ask.com:12.42737,{872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.16.2.509,{972ce4c6-7e08-4474-a285-3208198ce6fd}:16.0.1"); Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers"); Line Deleted : user_pref("extentions.y2layers.installId", "6e92036c-7301-4f24-99c5-d38e288768d4"); Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&CUI=UN93504817473555591&UM=&q="); Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT2269050"); Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"); Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&CU[...] Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT2269050"); Line Deleted : user_pref("smartbar.machineId", "IHKLJWC5KZKL9O30E71UDCMBOQHUE9J92YYQEF4+//MUPHQHQB6WGDLYMK7S3HE362AK+S+3J5AJNOQACV0RMA"); Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.searchnu.com/406?appid=287"); Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="); Line Deleted : user_pref("smartbar.originalSearchEngine", "Search Results"); ************************* AdwCleaner[R0].txt - [31746 octets] - [10/09/2013 21:09:07] AdwCleaner[s0].txt - [31890 octets] - [10/09/2013 21:09:58] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [31951 octets] ##########
  10. ComboFix log file
  11. TDSSKiller run. Log file below (2 of them): in the 1st nothing was removed, in the 2nd I had 3 files removed.
[ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 18:03:04.0730 0x1ab0 MTConfig - ok 18:03:04.0746 0x1ab0 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:03:04.0761 0x1ab0 Mup - ok 18:03:04.0808 0x1ab0 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:03:04.0917 0x1ab0 napagent - ok 18:03:04.0964 0x1ab0 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:03:04.0995 0x1ab0 NativeWifiP - ok 18:03:05.0042 0x1ab0 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 18:03:05.0073 0x1ab0 NDIS - ok 18:03:05.0104 0x1ab0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:03:05.0136 0x1ab0 NdisCap - ok 18:03:05.0167 0x1ab0 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:03:05.0214 0x1ab0 NdisTapi - ok 18:03:05.0292 0x1ab0 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:03:05.0370 0x1ab0 Ndisuio - ok 18:03:05.0401 0x1ab0 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:03:05.0463 0x1ab0 NdisWan - ok 18:03:05.0541 0x1ab0 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:03:05.0604 0x1ab0 NDProxy - ok 18:03:05.0697 0x1ab0 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 18:03:05.0760 0x1ab0 Nero BackItUp Scheduler 4.0 - ok 18:03:05.0838 0x1ab0 [ 1AB24A3DF1A458FA517364CBD69CCDF6 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 18:03:05.0838 0x1ab0 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:03:05.0838 0x1ab0 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:03:05.0853 0x1ab0 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:03:05.0916 0x1ab0 NetBIOS - ok 18:03:05.0962 
0x1ab0 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:03:06.0009 0x1ab0 NetBT - ok 18:03:06.0040 0x1ab0 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:03:06.0056 0x1ab0 Netlogon - ok 18:03:06.0087 0x1ab0 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:03:06.0150 0x1ab0 Netman - ok 18:03:06.0181 0x1ab0 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:03:06.0228 0x1ab0 netprofm - ok 18:03:06.0259 0x1ab0 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:03:06.0259 0x1ab0 NetTcpPortSharing - ok 18:03:06.0306 0x1ab0 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:03:06.0321 0x1ab0 nfrd960 - ok 18:03:06.0384 0x1ab0 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:03:06.0477 0x1ab0 NlaSvc - ok 18:03:06.0493 0x1ab0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:03:06.0540 0x1ab0 Npfs - ok 18:03:06.0555 0x1ab0 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:03:06.0618 0x1ab0 nsi - ok 18:03:06.0649 0x1ab0 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:03:06.0711 0x1ab0 nsiproxy - ok 18:03:06.0789 0x1ab0 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:03:06.0883 0x1ab0 Ntfs - ok 18:03:06.0930 0x1ab0 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe 18:03:06.0945 0x1ab0 NTI IScheduleSvc - ok 18:03:06.0961 0x1ab0 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 18:03:06.0961 0x1ab0 NTIDrvr - ok 18:03:06.0976 0x1ab0 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:03:07.0054 0x1ab0 Null - ok 
18:03:07.0117 0x1ab0 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:03:07.0148 0x1ab0 nvraid - ok 18:03:07.0179 0x1ab0 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:03:07.0195 0x1ab0 nvstor - ok 18:03:07.0257 0x1ab0 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:03:07.0257 0x1ab0 nv_agp - ok 18:03:07.0304 0x1ab0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:03:07.0351 0x1ab0 ohci1394 - ok 18:03:07.0444 0x1ab0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:03:07.0460 0x1ab0 ose - ok 18:03:07.0678 0x1ab0 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:03:07.0819 0x1ab0 osppsvc - ok 18:03:07.0881 0x1ab0 [ DAF5D6B1696D42140839CD557336EFC8 ] OXSDIDRV_x64 C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys 18:03:07.0897 0x1ab0 OXSDIDRV_x64 - ok 18:03:07.0928 0x1ab0 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:03:08.0006 0x1ab0 p2pimsvc - ok 18:03:08.0053 0x1ab0 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:03:08.0100 0x1ab0 p2psvc - ok 18:03:08.0131 0x1ab0 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:03:08.0162 0x1ab0 Parport - ok 18:03:08.0209 0x1ab0 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:03:08.0240 0x1ab0 partmgr - ok 18:03:08.0256 0x1ab0 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:03:08.0302 0x1ab0 PcaSvc - ok 18:03:08.0334 0x1ab0 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:03:08.0349 0x1ab0 pci - ok 18:03:08.0365 0x1ab0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:03:08.0380 0x1ab0 pciide 
- ok 18:03:08.0396 0x1ab0 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:03:08.0412 0x1ab0 pcmcia - ok 18:03:08.0443 0x1ab0 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:03:08.0443 0x1ab0 pcw - ok 18:03:08.0474 0x1ab0 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:03:08.0552 0x1ab0 PEAUTH - ok 18:03:08.0661 0x1ab0 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:03:08.0692 0x1ab0 PerfHost - ok 18:03:08.0724 0x1ab0 pfc - ok 18:03:08.0802 0x1ab0 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:03:08.0926 0x1ab0 pla - ok 18:03:09.0020 0x1ab0 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:03:09.0114 0x1ab0 PlugPlay - ok 18:03:09.0160 0x1ab0 [ 17A0A09C8C1CA72BBFB3D9E3B0A5E018 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 18:03:09.0160 0x1ab0 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:03:09.0160 0x1ab0 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:03:09.0176 0x1ab0 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:03:09.0207 0x1ab0 PNRPAutoReg - ok 18:03:09.0238 0x1ab0 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:03:09.0254 0x1ab0 PNRPsvc - ok 18:03:09.0285 0x1ab0 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:03:09.0348 0x1ab0 PolicyAgent - ok 18:03:09.0394 0x1ab0 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:03:09.0457 0x1ab0 Power - ok 18:03:09.0519 0x1ab0 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:03:09.0613 0x1ab0 PptpMiniport - ok 18:03:09.0660 0x1ab0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:03:09.0675 0x1ab0 Processor - ok 18:03:09.0706 0x1ab0 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc 
C:\Windows\system32\profsvc.dll 18:03:09.0784 0x1ab0 ProfSvc - ok 18:03:09.0800 0x1ab0 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:03:09.0816 0x1ab0 ProtectedStorage - ok 18:03:09.0862 0x1ab0 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:03:09.0925 0x1ab0 Psched - ok 18:03:09.0972 0x1ab0 PxHelp20 - ok 18:03:09.0987 0x1ab0 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:03:10.0003 0x1ab0 PxHlpa64 - ok 18:03:10.0050 0x1ab0 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 18:03:10.0112 0x1ab0 ql2300 - ok 18:03:10.0128 0x1ab0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:03:10.0143 0x1ab0 ql40xx - ok 18:03:10.0190 0x1ab0 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:03:10.0237 0x1ab0 QWAVE - ok 18:03:10.0252 0x1ab0 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:03:10.0268 0x1ab0 QWAVEdrv - ok 18:03:10.0346 0x1ab0 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 18:03:10.0377 0x1ab0 RapiMgr - ok 18:03:10.0393 0x1ab0 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:03:10.0455 0x1ab0 RasAcd - ok 18:03:10.0502 0x1ab0 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:03:10.0580 0x1ab0 RasAgileVpn - ok 18:03:10.0611 0x1ab0 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:03:10.0658 0x1ab0 RasAuto - ok 18:03:10.0689 0x1ab0 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:03:10.0736 0x1ab0 Rasl2tp - ok 18:03:10.0783 0x1ab0 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:03:10.0876 0x1ab0 RasMan - ok 18:03:10.0908 0x1ab0 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe 
C:\Windows\system32\DRIVERS\raspppoe.sys 18:03:10.0970 0x1ab0 RasPppoe - ok 18:03:11.0001 0x1ab0 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:03:11.0048 0x1ab0 RasSstp - ok 18:03:11.0110 0x1ab0 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:03:11.0188 0x1ab0 rdbss - ok 18:03:11.0220 0x1ab0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 18:03:11.0251 0x1ab0 rdpbus - ok 18:03:11.0282 0x1ab0 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:03:11.0313 0x1ab0 RDPCDD - ok 18:03:11.0329 0x1ab0 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:03:11.0360 0x1ab0 RDPENCDD - ok 18:03:11.0391 0x1ab0 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:03:11.0438 0x1ab0 RDPREFMP - ok 18:03:11.0485 0x1ab0 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:03:11.0547 0x1ab0 RDPWD - ok 18:03:11.0610 0x1ab0 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:03:11.0625 0x1ab0 rdyboost - ok 18:03:11.0672 0x1ab0 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:03:11.0719 0x1ab0 RemoteAccess - ok 18:03:11.0734 0x1ab0 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:03:11.0797 0x1ab0 RemoteRegistry - ok 18:03:11.0828 0x1ab0 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:03:11.0890 0x1ab0 RpcEptMapper - ok 18:03:11.0937 0x1ab0 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:03:11.0953 0x1ab0 RpcLocator - ok 18:03:12.0000 0x1ab0 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:03:12.0046 0x1ab0 RpcSs - ok 18:03:12.0062 0x1ab0 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:03:12.0140 
0x1ab0 rspndr - ok 18:03:12.0202 0x1ab0 [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 18:03:12.0234 0x1ab0 RSUSBSTOR - ok 18:03:12.0280 0x1ab0 [ 183C4139EC67E7506927DE5EAD28CAAE ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys 18:03:12.0327 0x1ab0 rtl8192se - ok 18:03:12.0343 0x1ab0 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:03:12.0358 0x1ab0 SamSs - ok 18:03:12.0405 0x1ab0 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:03:12.0436 0x1ab0 sbp2port - ok 18:03:12.0452 0x1ab0 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:03:12.0530 0x1ab0 SCardSvr - ok 18:03:12.0577 0x1ab0 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:03:12.0655 0x1ab0 scfilter - ok 18:03:12.0702 0x1ab0 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:03:12.0842 0x1ab0 Schedule - ok 18:03:12.0889 0x1ab0 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:03:12.0920 0x1ab0 SCPolicySvc - ok 18:03:12.0967 0x1ab0 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:03:13.0045 0x1ab0 SDRSVC - ok 18:03:13.0060 0x1ab0 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:03:13.0123 0x1ab0 secdrv - ok 18:03:13.0170 0x1ab0 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:03:13.0248 0x1ab0 seclogon - ok 18:03:13.0279 0x1ab0 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 18:03:13.0341 0x1ab0 SENS - ok 18:03:13.0372 0x1ab0 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:03:13.0404 0x1ab0 SensrSvc - ok 18:03:13.0419 0x1ab0 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:03:13.0450 0x1ab0 Serenum - ok 18:03:13.0482 0x1ab0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial 
C:\Windows\system32\DRIVERS\serial.sys 18:03:13.0528 0x1ab0 Serial - ok 18:03:13.0591 0x1ab0 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 18:03:13.0606 0x1ab0 sermouse - ok 18:03:13.0669 0x1ab0 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:03:13.0731 0x1ab0 SessionEnv - ok 18:03:13.0762 0x1ab0 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:03:13.0794 0x1ab0 sffdisk - ok 18:03:13.0809 0x1ab0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:03:13.0840 0x1ab0 sffp_mmc - ok 18:03:13.0872 0x1ab0 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:03:13.0903 0x1ab0 sffp_sd - ok 18:03:13.0934 0x1ab0 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 18:03:13.0950 0x1ab0 sfloppy - ok 18:03:14.0012 0x1ab0 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:03:14.0074 0x1ab0 SharedAccess - ok 18:03:14.0121 0x1ab0 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:03:14.0184 0x1ab0 ShellHWDetection - ok 18:03:14.0230 0x1ab0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:03:14.0246 0x1ab0 SiSRaid2 - ok 18:03:14.0262 0x1ab0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 18:03:14.0277 0x1ab0 SiSRaid4 - ok 18:03:14.0324 0x1ab0 [ D335450B591CA26F421D7F975399DDC3 ] SMARTMouseFilterx64 C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys 18:03:14.0355 0x1ab0 SMARTMouseFilterx64 - ok 18:03:14.0371 0x1ab0 [ CE70BFC09969B480627D0ED8DD7B3943 ] SMARTVHidMiniVistaAmd64 C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys 18:03:14.0386 0x1ab0 SMARTVHidMiniVistaAmd64 - ok 18:03:14.0418 0x1ab0 [ 9EB228E604FA70636E5A3C7C2A2FE304 ] SMARTVTabletPCx64 C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys 18:03:14.0418 
0x1ab0 SMARTVTabletPCx64 - ok 18:03:14.0449 0x1ab0 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:03:14.0496 0x1ab0 Smb - ok 18:03:14.0542 0x1ab0 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:03:14.0605 0x1ab0 SNMPTRAP - ok 18:03:14.0605 0x1ab0 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 18:03:14.0620 0x1ab0 spldr - ok 18:03:14.0667 0x1ab0 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 18:03:14.0730 0x1ab0 Spooler - ok 18:03:14.0854 0x1ab0 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 18:03:15.0042 0x1ab0 sppsvc - ok 18:03:15.0057 0x1ab0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:03:15.0120 0x1ab0 sppuinotify - ok 18:03:15.0166 0x1ab0 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 18:03:15.0213 0x1ab0 srv - ok 18:03:15.0244 0x1ab0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:03:15.0260 0x1ab0 srv2 - ok 18:03:15.0276 0x1ab0 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:03:15.0307 0x1ab0 srvnet - ok 18:03:15.0338 0x1ab0 ssadbus - ok 18:03:15.0354 0x1ab0 ssadmdfl - ok 18:03:15.0354 0x1ab0 ssadmdm - ok 18:03:15.0369 0x1ab0 ssadserd - ok 18:03:15.0400 0x1ab0 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:03:15.0478 0x1ab0 SSDPSRV - ok 18:03:15.0494 0x1ab0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:03:15.0572 0x1ab0 SstpSvc - ok 18:03:15.0588 0x1ab0 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 18:03:15.0619 0x1ab0 stexstor - ok 18:03:15.0681 0x1ab0 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 18:03:15.0759 0x1ab0 stisvc - ok 18:03:15.0790 0x1ab0 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum 
C:\Windows\system32\drivers\swenum.sys 18:03:15.0806 0x1ab0 swenum - ok 18:03:15.0822 0x1ab0 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 18:03:15.0900 0x1ab0 swprv - ok 18:03:15.0978 0x1ab0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 18:03:16.0102 0x1ab0 SysMain - ok 18:03:16.0134 0x1ab0 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:03:16.0196 0x1ab0 TabletInputService - ok 18:03:16.0258 0x1ab0 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:03:16.0321 0x1ab0 TapiSrv - ok 18:03:16.0352 0x1ab0 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 18:03:16.0446 0x1ab0 TBS - ok 18:03:16.0555 0x1ab0 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:03:16.0633 0x1ab0 Tcpip - ok 18:03:16.0664 0x1ab0 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:03:16.0711 0x1ab0 TCPIP6 - ok 18:03:16.0742 0x1ab0 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:03:16.0789 0x1ab0 tcpipreg - ok 18:03:16.0836 0x1ab0 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:03:16.0914 0x1ab0 TDPIPE - ok 18:03:16.0929 0x1ab0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:03:16.0960 0x1ab0 TDTCP - ok 18:03:17.0007 0x1ab0 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:03:17.0054 0x1ab0 tdx - ok 18:03:17.0272 0x1ab0 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe 18:03:17.0413 0x1ab0 TeamViewer8 - ok 18:03:17.0444 0x1ab0 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 18:03:17.0460 0x1ab0 TermDD - ok 18:03:17.0522 0x1ab0 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 18:03:17.0631 0x1ab0 TermService - 
ok 18:03:17.0647 0x1ab0 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 18:03:17.0678 0x1ab0 Themes - ok 18:03:17.0725 0x1ab0 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 18:03:17.0756 0x1ab0 THREADORDER - ok 18:03:17.0772 0x1ab0 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 18:03:17.0834 0x1ab0 TrkWks - ok 18:03:17.0912 0x1ab0 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:03:17.0974 0x1ab0 TrustedInstaller - ok 18:03:18.0021 0x1ab0 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:03:18.0084 0x1ab0 tssecsrv - ok 18:03:18.0162 0x1ab0 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:03:18.0193 0x1ab0 TsUsbFlt - ok 18:03:18.0240 0x1ab0 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:03:18.0333 0x1ab0 tunnel - ok 18:03:18.0364 0x1ab0 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 18:03:18.0380 0x1ab0 uagp35 - ok 18:03:18.0396 0x1ab0 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 18:03:18.0396 0x1ab0 UBHelper - ok 18:03:18.0442 0x1ab0 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:03:18.0489 0x1ab0 udfs - ok 18:03:18.0520 0x1ab0 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:03:18.0536 0x1ab0 UI0Detect - ok 18:03:18.0552 0x1ab0 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:03:18.0567 0x1ab0 uliagpkx - ok 18:03:18.0630 0x1ab0 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:03:18.0645 0x1ab0 umbus - ok 18:03:18.0645 0x1ab0 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:03:18.0661 0x1ab0 UmPass - ok 18:03:18.0786 0x1ab0 [ 
7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 18:03:18.0864 0x1ab0 UNS - ok 18:03:18.0910 0x1ab0 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe 18:03:18.0942 0x1ab0 Updater Service - ok 18:03:18.0957 0x1ab0 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 18:03:19.0051 0x1ab0 upnphost - ok 18:03:19.0082 0x1ab0 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 18:03:19.0144 0x1ab0 USBAAPL64 - ok 18:03:19.0238 0x1ab0 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:03:19.0300 0x1ab0 usbaudio - ok 18:03:19.0316 0x1ab0 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:03:19.0378 0x1ab0 usbccgp - ok 18:03:19.0410 0x1ab0 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:03:19.0472 0x1ab0 usbcir - ok 18:03:19.0519 0x1ab0 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 18:03:19.0566 0x1ab0 usbehci - ok 18:03:19.0612 0x1ab0 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:03:19.0659 0x1ab0 usbhub - ok 18:03:19.0690 0x1ab0 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:03:19.0706 0x1ab0 usbohci - ok 18:03:19.0737 0x1ab0 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:03:19.0800 0x1ab0 usbprint - ok 18:03:19.0815 0x1ab0 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:03:19.0909 0x1ab0 USBSTOR - ok 18:03:19.0924 0x1ab0 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:03:19.0971 0x1ab0 usbuhci - ok 18:03:20.0018 0x1ab0 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 18:03:20.0065 
0x1ab0 usbvideo - ok 18:03:20.0112 0x1ab0 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 18:03:20.0127 0x1ab0 usb_rndisx - ok 18:03:20.0143 0x1ab0 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 18:03:20.0236 0x1ab0 UxSms - ok 18:03:20.0268 0x1ab0 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 18:03:20.0268 0x1ab0 VaultSvc - ok 18:03:20.0330 0x1ab0 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:03:20.0330 0x1ab0 vdrvroot - ok 18:03:20.0392 0x1ab0 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 18:03:20.0455 0x1ab0 vds - ok 18:03:20.0502 0x1ab0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:03:20.0517 0x1ab0 vga - ok 18:03:20.0548 0x1ab0 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 18:03:20.0580 0x1ab0 VgaSave - ok 18:03:20.0611 0x1ab0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:03:20.0626 0x1ab0 vhdmp - ok 18:03:20.0642 0x1ab0 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 18:03:20.0642 0x1ab0 viaide - ok 18:03:20.0751 0x1ab0 [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe 18:03:20.0767 0x1ab0 VideoDownloadConverter_4zService - ok 18:03:20.0814 0x1ab0 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:03:20.0829 0x1ab0 volmgr - ok 18:03:20.0876 0x1ab0 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:03:20.0923 0x1ab0 volmgrx - ok 18:03:20.0938 0x1ab0 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:03:20.0954 0x1ab0 volsnap - ok 18:03:20.0970 0x1ab0 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:03:20.0985 0x1ab0 vsmraid - ok 18:03:21.0063 0x1ab0 
[ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:04:41.0934 0x0db8 Mup - ok 18:04:41.0980 0x0db8 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:04:42.0074 0x0db8 napagent - ok 18:04:42.0090 0x0db8 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:04:42.0121 0x0db8 NativeWifiP - ok 18:04:42.0136 0x0db8 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 18:04:42.0152 0x0db8 NDIS - ok 18:04:42.0168 0x0db8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:04:42.0214 0x0db8 NdisCap - ok 18:04:42.0214 0x0db8 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:04:42.0261 0x0db8 NdisTapi - ok 18:04:42.0308 0x0db8 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:04:42.0339 0x0db8 Ndisuio - ok 18:04:42.0370 0x0db8 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:04:42.0433 0x0db8 NdisWan - ok 18:04:42.0464 0x0db8 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:04:42.0511 0x0db8 NDProxy - ok 18:04:42.0589 0x0db8 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 18:04:42.0636 0x0db8 Nero BackItUp Scheduler 4.0 - ok 18:04:42.0651 0x0db8 [ 1AB24A3DF1A458FA517364CBD69CCDF6 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 18:04:42.0651 0x0db8 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:04:42.0651 0x0db8 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:04:42.0667 0x0db8 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:04:42.0714 0x0db8 NetBIOS - ok 18:04:42.0760 0x0db8 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:04:42.0807 0x0db8 NetBT - ok 18:04:42.0823 0x0db8 [ 
C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:04:42.0838 0x0db8 Netlogon - ok 18:04:42.0870 0x0db8 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:04:42.0916 0x0db8 Netman - ok 18:04:42.0932 0x0db8 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:04:42.0979 0x0db8 netprofm - ok 18:04:43.0010 0x0db8 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:04:43.0026 0x0db8 NetTcpPortSharing - ok 18:04:43.0041 0x0db8 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:04:43.0057 0x0db8 nfrd960 - ok 18:04:43.0104 0x0db8 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:04:43.0135 0x0db8 NlaSvc - ok 18:04:43.0166 0x0db8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:04:43.0197 0x0db8 Npfs - ok 18:04:43.0228 0x0db8 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:04:43.0260 0x0db8 nsi - ok 18:04:43.0275 0x0db8 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:04:43.0306 0x0db8 nsiproxy - ok 18:04:43.0369 0x0db8 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:04:43.0400 0x0db8 Ntfs - ok 18:04:43.0462 0x0db8 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe 18:04:43.0478 0x0db8 NTI IScheduleSvc - ok 18:04:43.0494 0x0db8 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 18:04:43.0494 0x0db8 NTIDrvr - ok 18:04:43.0525 0x0db8 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:04:43.0572 0x0db8 Null - ok 18:04:43.0618 0x0db8 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:04:43.0634 0x0db8 nvraid - ok 
18:04:43.0650 0x0db8 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:04:43.0665 0x0db8 nvstor - ok 18:04:43.0712 0x0db8 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:04:43.0743 0x0db8 nv_agp - ok 18:04:43.0774 0x0db8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:04:43.0790 0x0db8 ohci1394 - ok 18:04:43.0868 0x0db8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:04:43.0884 0x0db8 ose - ok 18:04:44.0055 0x0db8 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:04:44.0133 0x0db8 osppsvc - ok 18:04:44.0180 0x0db8 [ DAF5D6B1696D42140839CD557336EFC8 ] OXSDIDRV_x64 C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys 18:04:44.0196 0x0db8 OXSDIDRV_x64 - ok 18:04:44.0227 0x0db8 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:04:44.0242 0x0db8 p2pimsvc - ok 18:04:44.0258 0x0db8 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:04:44.0274 0x0db8 p2psvc - ok 18:04:44.0289 0x0db8 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:04:44.0305 0x0db8 Parport - ok 18:04:44.0352 0x0db8 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:04:44.0367 0x0db8 partmgr - ok 18:04:44.0383 0x0db8 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:04:44.0398 0x0db8 PcaSvc - ok 18:04:44.0414 0x0db8 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:04:44.0430 0x0db8 pci - ok 18:04:44.0461 0x0db8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:04:44.0461 0x0db8 pciide - ok 18:04:44.0492 0x0db8 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:04:44.0508 0x0db8 pcmcia 
- ok 18:04:44.0508 0x0db8 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:04:44.0523 0x0db8 pcw - ok 18:04:44.0554 0x0db8 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:04:44.0617 0x0db8 PEAUTH - ok 18:04:44.0726 0x0db8 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:04:44.0757 0x0db8 PerfHost - ok 18:04:44.0773 0x0db8 pfc - ok 18:04:44.0851 0x0db8 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:04:44.0929 0x0db8 pla - ok 18:04:44.0976 0x0db8 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:04:45.0022 0x0db8 PlugPlay - ok 18:04:45.0054 0x0db8 [ 17A0A09C8C1CA72BBFB3D9E3B0A5E018 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 18:04:45.0069 0x0db8 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:04:45.0069 0x0db8 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:04:45.0069 0x0db8 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:04:45.0085 0x0db8 PNRPAutoReg - ok 18:04:45.0100 0x0db8 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:04:45.0116 0x0db8 PNRPsvc - ok 18:04:45.0163 0x0db8 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:04:45.0210 0x0db8 PolicyAgent - ok 18:04:45.0256 0x0db8 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:04:45.0303 0x0db8 Power - ok 18:04:45.0350 0x0db8 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:04:45.0381 0x0db8 PptpMiniport - ok 18:04:45.0412 0x0db8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:04:45.0444 0x0db8 Processor - ok 18:04:45.0490 0x0db8 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:04:45.0506 0x0db8 ProfSvc - ok 18:04:45.0522 0x0db8 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage 
C:\Windows\system32\lsass.exe 18:04:45.0537 0x0db8 ProtectedStorage - ok 18:04:45.0568 0x0db8 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:04:45.0646 0x0db8 Psched - ok 18:04:45.0646 0x0db8 PxHelp20 - ok 18:04:45.0678 0x0db8 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:04:45.0693 0x0db8 PxHlpa64 - ok 18:04:45.0724 0x0db8 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 18:04:45.0756 0x0db8 ql2300 - ok 18:04:45.0771 0x0db8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:04:45.0787 0x0db8 ql40xx - ok 18:04:45.0818 0x0db8 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:04:45.0834 0x0db8 QWAVE - ok 18:04:45.0849 0x0db8 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:04:45.0865 0x0db8 QWAVEdrv - ok 18:04:45.0912 0x0db8 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 18:04:45.0943 0x0db8 RapiMgr - ok 18:04:45.0958 0x0db8 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:04:45.0990 0x0db8 RasAcd - ok 18:04:46.0021 0x0db8 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:04:46.0052 0x0db8 RasAgileVpn - ok 18:04:46.0068 0x0db8 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:04:46.0099 0x0db8 RasAuto - ok 18:04:46.0146 0x0db8 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:04:46.0192 0x0db8 Rasl2tp - ok 18:04:46.0239 0x0db8 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:04:46.0302 0x0db8 RasMan - ok 18:04:46.0317 0x0db8 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:04:46.0348 0x0db8 RasPppoe - ok 18:04:46.0380 0x0db8 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp 
C:\Windows\system32\DRIVERS\rassstp.sys 18:04:46.0411 0x0db8 RasSstp - ok 18:04:46.0458 0x0db8 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:04:46.0504 0x0db8 rdbss - ok 18:04:46.0536 0x0db8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 18:04:46.0551 0x0db8 rdpbus - ok 18:04:46.0551 0x0db8 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:04:46.0598 0x0db8 RDPCDD - ok 18:04:46.0614 0x0db8 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:04:46.0645 0x0db8 RDPENCDD - ok 18:04:46.0660 0x0db8 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:04:46.0707 0x0db8 RDPREFMP - ok 18:04:46.0754 0x0db8 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:04:46.0785 0x0db8 RDPWD - ok 18:04:46.0832 0x0db8 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:04:46.0863 0x0db8 rdyboost - ok 18:04:46.0894 0x0db8 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:04:46.0941 0x0db8 RemoteAccess - ok 18:04:46.0941 0x0db8 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:04:46.0988 0x0db8 RemoteRegistry - ok 18:04:47.0004 0x0db8 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:04:47.0050 0x0db8 RpcEptMapper - ok 18:04:47.0097 0x0db8 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:04:47.0097 0x0db8 RpcLocator - ok 18:04:47.0160 0x0db8 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:04:47.0238 0x0db8 RpcSs - ok 18:04:47.0238 0x0db8 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:04:47.0284 0x0db8 rspndr - ok 18:04:47.0316 0x0db8 [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 18:04:47.0331 
0x0db8 RSUSBSTOR - ok 18:04:47.0378 0x0db8 [ 183C4139EC67E7506927DE5EAD28CAAE ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys 18:04:47.0409 0x0db8 rtl8192se - ok 18:04:47.0425 0x0db8 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:04:47.0440 0x0db8 SamSs - ok 18:04:47.0487 0x0db8 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:04:47.0487 0x0db8 sbp2port - ok 18:04:47.0518 0x0db8 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:04:47.0550 0x0db8 SCardSvr - ok 18:04:47.0581 0x0db8 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:04:47.0628 0x0db8 scfilter - ok 18:04:47.0706 0x0db8 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:04:47.0784 0x0db8 Schedule - ok 18:04:47.0830 0x0db8 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:04:47.0893 0x0db8 SCPolicySvc - ok 18:04:47.0940 0x0db8 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:04:47.0955 0x0db8 SDRSVC - ok 18:04:47.0971 0x0db8 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:04:48.0002 0x0db8 secdrv - ok 18:04:48.0049 0x0db8 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:04:48.0080 0x0db8 seclogon - ok 18:04:48.0096 0x0db8 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 18:04:48.0142 0x0db8 SENS - ok 18:04:48.0142 0x0db8 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:04:48.0158 0x0db8 SensrSvc - ok 18:04:48.0174 0x0db8 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:04:48.0189 0x0db8 Serenum - ok 18:04:48.0205 0x0db8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 18:04:48.0220 0x0db8 Serial - ok 18:04:48.0252 0x0db8 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse 
C:\Windows\system32\DRIVERS\sermouse.sys 18:04:48.0267 0x0db8 sermouse - ok 18:04:48.0314 0x0db8 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:04:48.0361 0x0db8 SessionEnv - ok 18:04:48.0392 0x0db8 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:04:48.0408 0x0db8 sffdisk - ok 18:04:48.0423 0x0db8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:04:48.0439 0x0db8 sffp_mmc - ok 18:04:48.0439 0x0db8 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:04:48.0470 0x0db8 sffp_sd - ok 18:04:48.0486 0x0db8 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 18:04:48.0501 0x0db8 sfloppy - ok 18:04:48.0532 0x0db8 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:04:48.0579 0x0db8 SharedAccess - ok 18:04:48.0626 0x0db8 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:04:48.0688 0x0db8 ShellHWDetection - ok 18:04:48.0704 0x0db8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:04:48.0720 0x0db8 SiSRaid2 - ok 18:04:48.0735 0x0db8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 18:04:48.0751 0x0db8 SiSRaid4 - ok 18:04:48.0766 0x0db8 [ D335450B591CA26F421D7F975399DDC3 ] SMARTMouseFilterx64 C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys 18:04:48.0782 0x0db8 SMARTMouseFilterx64 - ok 18:04:48.0798 0x0db8 [ CE70BFC09969B480627D0ED8DD7B3943 ] SMARTVHidMiniVistaAmd64 C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys 18:04:48.0798 0x0db8 SMARTVHidMiniVistaAmd64 - ok 18:04:48.0813 0x0db8 [ 9EB228E604FA70636E5A3C7C2A2FE304 ] SMARTVTabletPCx64 C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys 18:04:48.0829 0x0db8 SMARTVTabletPCx64 - ok 18:04:48.0860 0x0db8 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 
18:04:48.0891 0x0db8 Smb - ok 18:04:48.0907 0x0db8 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:04:48.0922 0x0db8 SNMPTRAP - ok 18:04:48.0922 0x0db8 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 18:04:48.0938 0x0db8 spldr - ok 18:04:48.0985 0x0db8 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 18:04:49.0047 0x0db8 Spooler - ok 18:04:49.0172 0x0db8 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 18:04:49.0266 0x0db8 sppsvc - ok 18:04:49.0281 0x0db8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:04:49.0328 0x0db8 sppuinotify - ok 18:04:49.0359 0x0db8 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 18:04:49.0375 0x0db8 srv - ok 18:04:49.0390 0x0db8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:04:49.0406 0x0db8 srv2 - ok 18:04:49.0422 0x0db8 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:04:49.0437 0x0db8 srvnet - ok 18:04:49.0453 0x0db8 ssadbus - ok 18:04:49.0453 0x0db8 ssadmdfl - ok 18:04:49.0453 0x0db8 ssadmdm - ok 18:04:49.0468 0x0db8 ssadserd - ok 18:04:49.0500 0x0db8 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:04:49.0562 0x0db8 SSDPSRV - ok 18:04:49.0578 0x0db8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:04:49.0609 0x0db8 SstpSvc - ok 18:04:49.0624 0x0db8 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 18:04:49.0640 0x0db8 stexstor - ok 18:04:49.0702 0x0db8 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 18:04:49.0749 0x0db8 stisvc - ok 18:04:49.0780 0x0db8 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 18:04:49.0780 0x0db8 swenum - ok 18:04:49.0812 0x0db8 [ E08E46FDD841B7184194011CA1955A0B ] swprv 
C:\Windows\System32\swprv.dll 18:04:49.0874 0x0db8 swprv - ok 18:04:49.0968 0x0db8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 18:04:50.0014 0x0db8 SysMain - ok 18:04:50.0077 0x0db8 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:04:50.0092 0x0db8 TabletInputService - ok 18:04:50.0139 0x0db8 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:04:50.0202 0x0db8 TapiSrv - ok 18:04:50.0217 0x0db8 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 18:04:50.0248 0x0db8 TBS - ok 18:04:50.0342 0x0db8 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:04:50.0389 0x0db8 Tcpip - ok 18:04:50.0420 0x0db8 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:04:50.0467 0x0db8 TCPIP6 - ok 18:04:50.0514 0x0db8 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:04:50.0545 0x0db8 tcpipreg - ok 18:04:50.0576 0x0db8 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:04:50.0592 0x0db8 TDPIPE - ok 18:04:50.0607 0x0db8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:04:50.0623 0x0db8 TDTCP - ok 18:04:50.0654 0x0db8 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:04:50.0685 0x0db8 tdx - ok 18:04:50.0872 0x0db8 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe 18:04:50.0935 0x0db8 TeamViewer8 - ok 18:04:50.0950 0x0db8 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 18:04:50.0966 0x0db8 TermDD - ok 18:04:51.0028 0x0db8 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 18:04:51.0091 0x0db8 TermService - ok 18:04:51.0106 0x0db8 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 18:04:51.0122 0x0db8 Themes - ok 
18:04:51.0169 0x0db8 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 18:04:51.0200 0x0db8 THREADORDER - ok 18:04:51.0216 0x0db8 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 18:04:51.0262 0x0db8 TrkWks - ok 18:04:51.0325 0x0db8 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:04:51.0387 0x0db8 TrustedInstaller - ok 18:04:51.0434 0x0db8 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:04:51.0481 0x0db8 tssecsrv - ok 18:04:51.0528 0x0db8 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:04:51.0559 0x0db8 TsUsbFlt - ok 18:04:51.0606 0x0db8 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:04:51.0652 0x0db8 tunnel - ok 18:04:51.0668 0x0db8 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 18:04:51.0684 0x0db8 uagp35 - ok 18:04:51.0699 0x0db8 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 18:04:51.0715 0x0db8 UBHelper - ok 18:04:51.0762 0x0db8 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:04:51.0824 0x0db8 udfs - ok 18:04:51.0855 0x0db8 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:04:51.0871 0x0db8 UI0Detect - ok 18:04:51.0886 0x0db8 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:04:51.0902 0x0db8 uliagpkx - ok 18:04:51.0949 0x0db8 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:04:51.0949 0x0db8 umbus - ok 18:04:51.0980 0x0db8 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:04:51.0980 0x0db8 UmPass - ok 18:04:52.0089 0x0db8 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 18:04:52.0120 0x0db8 UNS - ok 18:04:52.0167 
0x0db8 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe 18:04:52.0183 0x0db8 Updater Service - ok 18:04:52.0198 0x0db8 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 18:04:52.0245 0x0db8 upnphost - ok 18:04:52.0276 0x0db8 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 18:04:52.0292 0x0db8 USBAAPL64 - ok 18:04:52.0339 0x0db8 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:04:52.0386 0x0db8 usbaudio - ok 18:04:52.0401 0x0db8 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:04:52.0432 0x0db8 usbccgp - ok 18:04:52.0464 0x0db8 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:04:52.0510 0x0db8 usbcir - ok 18:04:52.0542 0x0db8 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 18:04:52.0557 0x0db8 usbehci - ok 18:04:52.0573 0x0db8 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:04:52.0588 0x0db8 usbhub - ok 18:04:52.0604 0x0db8 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:04:52.0620 0x0db8 usbohci - ok 18:04:52.0635 0x0db8 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:04:52.0651 0x0db8 usbprint - ok 18:04:52.0666 0x0db8 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:04:52.0682 0x0db8 USBSTOR - ok 18:04:52.0698 0x0db8 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:04:52.0713 0x0db8 usbuhci - ok 18:04:52.0729 0x0db8 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 18:04:52.0744 0x0db8 usbvideo - ok 18:04:52.0791 0x0db8 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 18:04:52.0807 0x0db8 usb_rndisx - 
ok 18:04:52.0807 0x0db8 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 18:04:52.0854 0x0db8 UxSms - ok 18:04:52.0869 0x0db8 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 18:04:52.0885 0x0db8 VaultSvc - ok 18:04:52.0932 0x0db8 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:04:52.0947 0x0db8 vdrvroot - ok 18:04:52.0978 0x0db8 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 18:04:53.0056 0x0db8 vds - ok 18:04:53.0088 0x0db8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:04:53.0103 0x0db8 vga - ok 18:04:53.0119 0x0db8 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 18:04:53.0166 0x0db8 VgaSave - ok 18:04:53.0181 0x0db8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:04:53.0197 0x0db8 vhdmp - ok 18:04:53.0212 0x0db8 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 18:04:53.0228 0x0db8 viaide - ok 18:04:53.0275 0x0db8 [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe 18:04:53.0290 0x0db8 VideoDownloadConverter_4zService - ok 18:04:53.0337 0x0db8 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:04:53.0337 0x0db8 volmgr - ok 18:04:53.0400 0x0db8 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:04:53.0400 0x0db8 volmgrx - ok 18:04:53.0431 0x0db8 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:04:53.0446 0x0db8 volsnap - ok 18:04:53.0478 0x0db8 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:04:53.0493 0x0db8 vsmraid - ok 18:04:53.0556 0x0db8 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 18:04:53.0618 0x0db8 VSS - ok 18:04:53.0649 0x0db8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] 
vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 18:04:53.0665 0x0db8 vwifibus - ok 18:04:53.0696 0x0db8 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:04:53.0743 0x0db8 vwififlt - ok 18:04:53.0743 0x0db8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 18:04:53.0758 0x0db8 vwifimp - ok 18:04:53.0790 0x0db8 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 18:04:53.0836 0x0db8 W32Time - ok 18:04:53.0868 0x0db8 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 18:04:53.0883 0x0db8 WacomPen - ok 18:04:53.0914 0x0db8 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:04:53.0961 0x0db8 WANARP - ok 18:04:53.0961 0x0db8 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:04:54.0008 0x0db8 Wanarpv6 - ok 18:04:54.0086 0x0db8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 18:04:54.0102 0x0db8 WatAdminSvc - ok 18:04:54.0180 0x0db8 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 18:04:54.0226 0x0db8 wbengine - ok 18:04:54.0258 0x0db8 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:04:54.0289 0x0db8 WbioSrvc - ok 18:04:54.0320 0x0db8 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 18:04:54.0336 0x0db8 WcesComm - ok 18:04:54.0382 0x0db8 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:04:54.0414 0x0db8 wcncsvc - ok 18:04:54.0429 0x0db8 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:04:54.0445 0x0db8 WcsPlugInService - ok 18:04:54.0460 0x0db8 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 18:04:54.0476 0x0db8 Wd - ok 18:04:54.0507 0x0db8 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 
2nd log file ...
  12. It has worked so far. Malware log file below. (end)
  13. Hey there, I have received a W32 Blaster Worm. Can someone help me remove it? I booted in safe mode and have already run HijackThis, and I am posting the log below. Thanks in advance!!
  14. Hey Clarkie, great help. Problem solved. Thanks!
  15. Hello all, since this morning I can no longer start Microsoft Outlook. I keep getting the message that errors were found in the file .... (see attachment) Can you help me get Outlook open again? I work with Windows 7 and Office 2010. Thanks in advance! Dieter
  16. Hello, I own a Xerox Work center XK50ck, but I cannot install it with the supplied CD-ROM. It no longer supports Windows 7. Can you help me get this printer/scanner installed anyway? It is currently connected to a NAS server in the house. Many thanks!
  17. Dear kape, everything seems to be OK now. No more alerts from AVG and I can synchronize my mobile phone again. Fantastic, thanks for the help!!!!
  18. Hello, below is the ComboFix log file. Thanks very much in advance!
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ MP3 Rocket (Minimized).lnk - c:\program files (x86)\MP3 Rocket\MP3Rocket.exe [2012-5-9 175104] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-15 136176] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x] R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-15 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RSUSBSTOR;RtsUStor.Sys 
Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-21 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 
321104] S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896] S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232] S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-10 935008] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys 
[2010-05-21 1108000] S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2011-07-13 13168] S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2011-07-13 16368] S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys [2011-07-13 24944] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Inhoud van de 'Gedeelde Taken' map . 2012-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 10:37] . 2012-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-15 18:39] . 2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-15 18:39] . 2012-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2019540163-143549655-3842846006-1000Core.job - c:\users\Dieter\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-24 09:54] . 2012-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2019540163-143549655-3842846006-1000UA.job - c:\users\Dieter\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-24 09:54] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-10 206208] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552] "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Bijkomende Scan ------- . uStart Page = hxxp://app.zorgkompas.be/care/ uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://packardbell.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Dieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\users\Dieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.2.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll FF - ProfilePath - c:\users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\n37i9m6g.default\ . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-08-09 11:03:35 - machine werd herstart ComboFix-quarantined-files.txt 2012-08-09 09:03 . Pre-Run: 196.660.019.200 bytes beschikbaar Post-Run: 197.001.277.440 bytes beschikbaar . - - End Of File - - B32EE9551CD5477B43F34C90C25E058F
  19. Below is the log.
  20. Hello, I recently got a Trojan horse, Dropper.Generic_c.MMI, on my laptop. Because of it I can also no longer synchronize my mobile phone. I detected it via AVG, but I cannot remove it (it is on the whitelist); I can only ignore it. Who can help me get this sorted out? Thanks in advance!