Luuk24


  1. ComboFix 12-07-02.01 - User 02-07-2012 22:24:01.2.2 - x86 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.31.1043.18.2015.1083 [GMT 2:00] Gestart vanuit: c:\users\User\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\User\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\F4D55F17000083BB013D4B9D570F1C55 c:\programdata\F4D55F17000083BB013D4B9D570F1C55\F4D55F17000083BB013D4B9D570F1C55 c:\users\User\AppData\Roaming\Bohawo c:\users\User\AppData\Roaming\Bohawo\atumv.uvo . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-02 to 2012-07-02 )))))))))))))))))))))))))))))) . . 2012-07-02 20:30 . 2012-07-02 20:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-02 18:31 . 2012-07-02 18:31 -------- d-----w- c:\users\User\AppData\Roaming\AVG2012 2012-07-02 18:30 . 2012-07-02 18:30 -------- d-----w- c:\users\User\AppData\Local\AVG Secure Search 2012-07-02 18:29 . 2012-07-02 18:30 -------- d-----w- c:\programdata\AVG Secure Search 2012-07-02 18:29 . 2012-07-02 18:29 -------- d-----w- c:\program files\AVG Secure Search 2012-07-02 18:29 . 2012-07-02 18:29 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2012-07-02 18:27 . 2012-07-02 18:38 -------- d-----w- c:\programdata\AVG2012 2012-07-02 18:27 . 2012-07-02 18:33 -------- d-----w- c:\windows\system32\drivers\AVG 2012-07-02 18:27 . 2012-07-02 18:27 -------- d-----w- C:\$AVG 2012-07-02 18:25 . 2012-07-02 18:25 -------- d-----w- c:\program files\AVG 2012-07-02 18:22 . 2012-07-02 18:33 -------- d-----w- c:\programdata\MFAData 2012-07-02 18:22 . 
2012-07-02 18:22 -------- d--h--w- c:\programdata\Common Files 2012-07-02 18:18 . 2012-07-02 20:31 -------- d-----w- c:\users\User\AppData\Local\temp 2012-07-01 09:29 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-30 17:00 . 2012-06-30 17:00 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-30 17:00 . 2012-06-30 17:00 -------- d-----w- c:\program files\Trend Micro 2012-06-29 15:17 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{614B0820-2544-4DD5-B402-9620828A4CFC}\mpengine.dll 2012-06-21 15:13 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-21 15:13 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-21 15:13 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-21 15:13 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-21 15:13 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-21 15:13 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-21 15:13 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-21 15:12 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-21 15:12 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-20 18:40 . 2012-06-20 18:40 -------- d-----w- c:\windows\nl 2012-06-20 18:39 . 2012-03-08 16:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-06-20 18:31 . 2012-06-20 18:31 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\eb5cfd701cd4f1203\MeshBetaRemover.exe 2012-06-20 18:31 . 2012-06-20 18:31 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\eaeb86901cd4f1202\DSETUP.dll 2012-06-20 18:31 . 2012-06-20 18:31 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\eaeb86901cd4f1202\DXSETUP.exe 2012-06-20 18:31 . 
2012-06-20 18:31 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\eaeb86901cd4f1202\dsetup32.dll 2012-06-14 16:47 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys 2012-06-14 16:47 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll 2012-06-14 16:47 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-14 16:47 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-14 16:46 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-12 17:58 . 2012-06-12 17:58 -------- d-----w- C:\Logitech® Webcam Software 2012-06-12 17:13 . 2012-06-12 17:14 -------- d-----w- c:\program files\Microsoft Security Client 2012-06-10 09:38 . 2012-06-10 09:38 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes 2012-06-10 09:37 . 2012-06-10 09:37 -------- d-----w- c:\programdata\Malwarebytes 2012-06-10 09:37 . 2012-07-01 09:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-20 18:52 . 2012-04-11 15:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-20 18:52 . 2011-11-29 17:52 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-07-02 18:29 2074208 ----a-w- c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-02 2074208] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272] "atchk"="c:\program files\Intel\AMT\atchk.exe" [2008-05-25 408088] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-02 1107552] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1516363826-1503883839-2503960815-1000] "EnableNotificationsRef"=dword:00000001 . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - AVGIDSDRIVER *NewlyCreated* - AVGIDSFILTER *NewlyCreated* - AVGIDSSHIM *NewlyCreated* - AVGLDX86 *NewlyCreated* - AVGMFX86 *NewlyCreated* - AVGRKX86 *NewlyCreated* - AVGTDIX *NewlyCreated* - MBAMPROTECTOR . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:52] . 2012-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 14:01] . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 14:01] . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1516363826-1503883839-2503960815-1000Core.job - c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 12:01] . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1516363826-1503883839-2503960815-1000UA.job - c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 12:01] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.nl/ TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.160.69.112/activex/AMC.cab . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-02 22:31 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-07-02 22:33:54 ComboFix-quarantined-files.txt 2012-07-02 20:33 ComboFix2.txt 2012-07-02 18:18 . Pre-Run: 25.799.172.096 bytes beschikbaar Post-Run: 25.891.930.112 bytes beschikbaar . - - End Of File - - 608FC792A00EF2FFD43D25772348B687
  2. ComboFix 12-07-02.01 - User 02-07-2012 20:07:37.1.2 - x86 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.31.1043.18.2015.1074 [GMT 2:00] Gestart vanuit: c:\users\User\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\User\AppData\Local\Temp\{1395B199-BF3F-4A5F-B4D7-516FA76D0F5C}\fpb.tmp c:\users\User\AppData\Roaming\Anxuaq c:\users\User\AppData\Roaming\Anxuaq\toteb.ziy c:\users\User\AppData\Roaming\Ceah c:\users\User\AppData\Roaming\Ceah\qaike.exe c:\users\User\AppData\Roaming\Duop c:\users\User\AppData\Roaming\Duop\ivhia.exe c:\users\User\AppData\Roaming\Duutza c:\users\User\AppData\Roaming\Duutza\poeco.nir c:\users\User\AppData\Roaming\Erip c:\users\User\AppData\Roaming\Erip\lepui.eto c:\users\User\AppData\Roaming\Ewiz c:\users\User\AppData\Roaming\Ewiz\ihnoo.usi c:\users\User\AppData\Roaming\Iloc c:\users\User\AppData\Roaming\Iloc\omez.exe c:\users\User\AppData\Roaming\Mualok c:\users\User\AppData\Roaming\Mualok\yfih.exe c:\users\User\AppData\Roaming\Papoag c:\users\User\AppData\Roaming\Papoag\paus.exe c:\users\User\AppData\Roaming\Peese c:\users\User\AppData\Roaming\Peese\kazo.diq c:\users\User\AppData\Roaming\Poiwku c:\users\User\AppData\Roaming\Poiwku\raeg.exe c:\users\User\AppData\Roaming\Vykuv c:\users\User\AppData\Roaming\Vykuv\egud.ycu c:\users\User\AppData\Roaming\Woxeso c:\users\User\AppData\Roaming\Woxeso\kano.exe c:\users\User\AppData\Roaming\Ymyg c:\users\User\AppData\Roaming\Ymyg\reof.wio c:\users\User\AppData\Roaming\Yvse c:\users\User\AppData\Roaming\Yvse\ykke.bah c:\users\User\AppData\Roaming\Zyeh c:\users\User\AppData\Roaming\Zyeh\taofi.emy . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-02 to 2012-07-02 )))))))))))))))))))))))))))))) . . 2012-07-02 18:14 . 2012-07-02 18:14 -------- d-----w- c:\users\User\AppData\Local\temp 2012-07-02 18:14 . 
2012-07-02 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-01 09:29 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-30 17:00 . 2012-06-30 17:00 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-30 17:00 . 2012-06-30 17:00 -------- d-----w- c:\program files\Trend Micro 2012-06-29 15:17 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{614B0820-2544-4DD5-B402-9620828A4CFC}\mpengine.dll 2012-06-21 15:13 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-21 15:13 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-21 15:13 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-21 15:13 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-21 15:13 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-21 15:13 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-21 15:13 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-21 15:12 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-21 15:12 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-20 18:40 . 2012-06-20 18:40 -------- d-----w- c:\windows\nl 2012-06-20 18:39 . 2012-03-08 16:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-06-20 18:31 . 2012-06-20 18:31 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\eb5cfd701cd4f1203\MeshBetaRemover.exe 2012-06-20 18:31 . 2012-06-20 18:31 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\eaeb86901cd4f1202\DSETUP.dll 2012-06-20 18:31 . 2012-06-20 18:31 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\eaeb86901cd4f1202\DXSETUP.exe 2012-06-20 18:31 . 
2012-06-20 18:31 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\eaeb86901cd4f1202\dsetup32.dll 2012-06-14 16:47 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys 2012-06-14 16:47 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll 2012-06-14 16:47 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-14 16:47 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-14 16:46 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-12 17:58 . 2012-06-12 17:58 -------- d-----w- C:\Logitech® Webcam Software 2012-06-12 17:13 . 2012-06-12 17:14 -------- d-----w- c:\program files\Microsoft Security Client 2012-06-10 09:38 . 2012-06-10 09:38 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes 2012-06-10 09:37 . 2012-06-10 09:37 -------- d-----w- c:\programdata\Malwarebytes 2012-06-10 09:37 . 2012-07-01 09:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-08 18:43 . 2012-06-10 09:44 -------- d-----w- c:\programdata\F4D55F17000083BB013D4B9D570F1C55 2012-06-05 16:22 . 2012-06-05 16:22 -------- d-----w- c:\users\User\AppData\Roaming\Bohawo . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-20 18:52 . 2012-04-11 15:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-20 18:52 . 2011-11-29 17:52 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272] "atchk"="c:\program files\Intel\AMT\atchk.exe" [2008-05-25 408088] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1516363826-1503883839-2503960815-1000] "EnableNotificationsRef"=dword:00000001 . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MBAMPROTECTOR . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . 
Inhoud van de 'Gedeelde Taken' map . 2012-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:52] . 2012-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 14:01] . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 14:01] . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1516363826-1503883839-2503960815-1000Core.job - c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 12:01] . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1516363826-1503883839-2503960815-1000UA.job - c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 12:01] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.160.69.112/activex/AMC.cab . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-07-02 20:14 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
Voltooingstijd: 2012-07-02 20:18:00 ComboFix-quarantined-files.txt 2012-07-02 18:17 . Pre-Run: 21.202.010.112 bytes beschikbaar Post-Run: 25.180.110.848 bytes beschikbaar . - - End Of File - - B716183D962EE34517918BE0D85BAC39
  3. No, I can now reach the Microsoft site. Is my PC completely clean now?
  4. MBAM: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.07.01.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 User :: PC_VAN_USER [administrator] 1-7-2012 11:30:35 mbam-log-2012-07-01 (11-30-35).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 199519 Verstreken tijd: 5 minuut/minuten, 22 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Uwyvytub (Trojan.XBuild) -> Data: C:\Users\User\AppData\Roaming\Usuq\ygti.exe -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 3 C:\Users\User\AppData\Roaming\Usuq\ygti.exe (Trojan.XBuild) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\User\AppData\Local\Temp\tmpb702b542\nls.exe (Trojan.XBuild) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\User\AppData\Local\Temp\googleupdate.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. 
(einde) HiJackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:41:23, on 1-7-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\AMT\atchk.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: 
Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.160.69.112/activex/AMC.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE O23 - Service: Intel® Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe O23 - Service: Intel® Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: Intel® Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7356 bytes
  5. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:01:35, on 30-6-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal
  6. HiJackThis.msi ends up in C:\Users\Users\downloads on my machine. When I right-click it there I can install it, but not run it as administrator. Should I go ahead with this anyway? I have Windows Vista, you see.
  7. I installed Chrome, but I have the same problem there.
  8. I have Internet Explorer. I don't have the other 2 browsers.
  9. I have a small problem. I can browse the internet without any trouble, but I cannot reach the Microsoft site. That means I cannot download Silverlight etc. How can I fix this?
  10. Yes, I think it has been removed now. I do still have a black desktop, though. How can I fix that?
  11. Emsisoft Emergency Kit - Versie 2.0 Laatste Update: 11-6-2012 21:32:38 Scaninstellingen: Scantype: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, D:\ Scan archieven: Aan ADS Scan: Aan Scan gestart: 11-6-2012 21:33:49 Gescand 639846 Gevonden 47 Scan geëindigd: 11-6-2012 22:58:14 Scantijd: 1:24:25 Verwijderd 24
  12. Should I double-click start.exe, or does it also need to be run as administrator?
  13. 20:39:54.0356 3868 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
20:40:10.0845 2332 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 20:40:10.0845 2332 isapnp - ok 20:40:10.0892 2332 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 20:40:10.0892 2332 iScsiPrt - ok 20:40:10.0892 2332 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 20:40:10.0892 2332 iteatapi - ok 20:40:10.0907 2332 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 20:40:10.0907 2332 iteraid - ok 20:40:10.0923 2332 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 20:40:10.0923 2332 kbdclass - ok 20:40:10.0954 2332 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 20:40:10.0954 2332 kbdhid - ok 20:40:10.0985 2332 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:40:10.0985 2332 KeyIso - ok 20:40:11.0032 2332 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 20:40:11.0032 2332 KSecDD - ok 20:40:11.0079 2332 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 20:40:11.0079 2332 KtmRm - ok 20:40:11.0126 2332 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll 20:40:11.0126 2332 LanmanServer - ok 20:40:11.0172 2332 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 20:40:11.0172 2332 LanmanWorkstation - ok 20:40:11.0219 2332 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 20:40:11.0219 2332 lltdio - ok 20:40:11.0266 2332 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 20:40:11.0266 2332 lltdsvc - ok 20:40:11.0297 2332 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 20:40:11.0297 2332 lmhosts - ok 20:40:11.0360 2332 LMS (f58f73de40c85e5b132b4ab275a0f4b0) C:\Program Files\Intel\AMT\LMS.exe 20:40:11.0360 2332 LMS - ok 20:40:11.0391 2332 LSI_FC 
(c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 20:40:11.0391 2332 LSI_FC - ok 20:40:11.0406 2332 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 20:40:11.0406 2332 LSI_SAS - ok 20:40:11.0422 2332 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 20:40:11.0422 2332 LSI_SCSI - ok 20:40:11.0438 2332 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 20:40:11.0453 2332 luafv - ok 20:40:12.0030 2332 LVUVC (37e57c48af530df01cdd4e8a2ad77b51) C:\Windows\system32\DRIVERS\lvuvc.sys 20:40:12.0077 2332 LVUVC - ok 20:40:12.0218 2332 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys 20:40:12.0218 2332 MBAMProtector - ok 20:40:12.0311 2332 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 20:40:12.0327 2332 MBAMService - ok 20:40:12.0342 2332 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 20:40:12.0342 2332 mdmxsdk - ok 20:40:12.0389 2332 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 20:40:12.0389 2332 megasas - ok 20:40:12.0436 2332 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 20:40:12.0452 2332 MegaSR - ok 20:40:12.0483 2332 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 20:40:12.0483 2332 MMCSS - ok 20:40:12.0498 2332 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 20:40:12.0498 2332 Modem - ok 20:40:12.0530 2332 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 20:40:12.0530 2332 monitor - ok 20:40:12.0530 2332 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 20:40:12.0530 2332 mouclass - ok 20:40:12.0545 2332 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\drivers\mouhid.sys 20:40:12.0545 2332 mouhid - ok 20:40:12.0561 
2332 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 20:40:12.0561 2332 MountMgr - ok 20:40:12.0592 2332 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 20:40:12.0592 2332 mpio - ok 20:40:12.0608 2332 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 20:40:12.0608 2332 mpsdrv - ok 20:40:12.0623 2332 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 20:40:12.0623 2332 Mraid35x - ok 20:40:12.0654 2332 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 20:40:12.0654 2332 MRxDAV - ok 20:40:12.0686 2332 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:40:12.0686 2332 mrxsmb - ok 20:40:12.0717 2332 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:40:12.0717 2332 mrxsmb10 - ok 20:40:12.0732 2332 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:40:12.0732 2332 mrxsmb20 - ok 20:40:12.0764 2332 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 20:40:12.0764 2332 msahci - ok 20:40:12.0779 2332 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 20:40:12.0779 2332 msdsm - ok 20:40:12.0810 2332 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 20:40:12.0810 2332 MSDTC - ok 20:40:12.0826 2332 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 20:40:12.0826 2332 Msfs - ok 20:40:12.0857 2332 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 20:40:12.0857 2332 msisadrv - ok 20:40:12.0888 2332 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 20:40:12.0888 2332 MSiSCSI - ok 20:40:12.0888 2332 msiserver - ok 20:40:12.0904 2332 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 20:40:12.0920 2332 MSKSSRV - ok 
20:40:12.0920 2332 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 20:40:12.0920 2332 MSPCLOCK - ok 20:40:12.0935 2332 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 20:40:12.0935 2332 MSPQM - ok 20:40:12.0966 2332 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 20:40:12.0966 2332 MsRPC - ok 20:40:12.0982 2332 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 20:40:12.0982 2332 mssmbios - ok 20:40:12.0998 2332 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 20:40:12.0998 2332 MSTEE - ok 20:40:13.0013 2332 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 20:40:13.0013 2332 Mup - ok 20:40:13.0060 2332 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 20:40:13.0060 2332 napagent - ok 20:40:13.0107 2332 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 20:40:13.0107 2332 NativeWifiP - ok 20:40:13.0169 2332 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 20:40:13.0169 2332 NDIS - ok 20:40:13.0200 2332 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 20:40:13.0200 2332 NdisTapi - ok 20:40:13.0216 2332 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 20:40:13.0216 2332 Ndisuio - ok 20:40:13.0247 2332 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 20:40:13.0247 2332 NdisWan - ok 20:40:13.0278 2332 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 20:40:13.0278 2332 NDProxy - ok 20:40:13.0278 2332 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 20:40:13.0278 2332 NetBIOS - ok 20:40:13.0294 2332 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 20:40:13.0310 2332 netbt - ok 20:40:13.0325 2332 
Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:40:13.0325 2332 Netlogon - ok 20:40:13.0372 2332 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 20:40:13.0388 2332 Netman - ok 20:40:13.0419 2332 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 20:40:13.0419 2332 netprofm - ok 20:40:13.0512 2332 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:40:13.0512 2332 NetTcpPortSharing - ok 20:40:14.0433 2332 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys 20:40:14.0526 2332 NETw5v32 - ok 20:40:14.0667 2332 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 20:40:14.0682 2332 nfrd960 - ok 20:40:14.0714 2332 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 20:40:14.0714 2332 NlaSvc - ok 20:40:14.0745 2332 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 20:40:14.0745 2332 Npfs - ok 20:40:14.0760 2332 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 20:40:14.0760 2332 nsi - ok 20:40:14.0776 2332 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 20:40:14.0776 2332 nsiproxy - ok 20:40:14.0854 2332 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 20:40:14.0885 2332 Ntfs - ok 20:40:14.0916 2332 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 20:40:14.0916 2332 ntrigdigi - ok 20:40:14.0932 2332 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 20:40:14.0932 2332 Null - ok 20:40:15.0431 2332 nvlddmkm (8f6858e9eab2b1bf81d113b2ed3b31c7) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:40:15.0696 2332 nvlddmkm - ok 20:40:15.0837 2332 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 20:40:15.0837 2332 nvraid - ok 
20:40:15.0837 2332 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 20:40:15.0837 2332 nvstor - ok 20:40:15.0884 2332 nvsvc (b89023301aced07b4e7e587f7228c06b) C:\Windows\system32\nvvsvc.exe 20:40:15.0884 2332 nvsvc - ok 20:40:15.0899 2332 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 20:40:15.0899 2332 nv_agp - ok 20:40:15.0899 2332 NwlnkFlt - ok 20:40:15.0915 2332 NwlnkFwd - ok 20:40:15.0930 2332 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 20:40:15.0930 2332 ohci1394 - ok 20:40:16.0008 2332 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:40:16.0040 2332 p2pimsvc - ok 20:40:16.0055 2332 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:40:16.0071 2332 p2psvc - ok 20:40:16.0118 2332 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys 20:40:16.0118 2332 Parport - ok 20:40:16.0149 2332 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys 20:40:16.0149 2332 partmgr - ok 20:40:16.0164 2332 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys 20:40:16.0164 2332 Parvdm - ok 20:40:16.0196 2332 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 20:40:16.0196 2332 PcaSvc - ok 20:40:16.0242 2332 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 20:40:16.0242 2332 pci - ok 20:40:16.0289 2332 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 20:40:16.0289 2332 pciide - ok 20:40:16.0336 2332 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys 20:40:16.0336 2332 pcmcia - ok 20:40:16.0414 2332 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 20:40:16.0445 2332 PEAUTH - ok 20:40:16.0679 2332 PEVSystemStart (f042ee4c8d66248d9b86dcf52abae416) C:\32788R22FWJFW\pev.3XE 20:40:16.0679 2332 
PEVSystemStart - ok 20:40:16.0788 2332 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 20:40:16.0835 2332 pla - ok 20:40:16.0976 2332 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 20:40:16.0991 2332 PlugPlay - ok 20:40:17.0038 2332 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:40:17.0054 2332 PNRPAutoReg - ok 20:40:17.0054 2332 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 20:40:17.0054 2332 PNRPsvc - ok 20:40:17.0116 2332 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 20:40:17.0116 2332 PolicyAgent - ok 20:40:17.0194 2332 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 20:40:17.0194 2332 PptpMiniport - ok 20:40:17.0225 2332 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 20:40:17.0225 2332 Processor - ok 20:40:17.0256 2332 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 20:40:17.0256 2332 ProfSvc - ok 20:40:17.0288 2332 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:40:17.0288 2332 ProtectedStorage - ok 20:40:17.0319 2332 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 20:40:17.0319 2332 PSched - ok 20:40:17.0397 2332 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 20:40:17.0397 2332 ql2300 - ok 20:40:17.0428 2332 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 20:40:17.0428 2332 ql40xx - ok 20:40:17.0475 2332 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 20:40:17.0490 2332 QWAVE - ok 20:40:17.0522 2332 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 20:40:17.0522 2332 QWAVEdrv - ok 20:40:17.0537 2332 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 20:40:17.0537 2332 RasAcd - ok 
20:40:17.0553 2332 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 20:40:17.0553 2332 RasAuto - ok 20:40:17.0600 2332 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:40:17.0600 2332 Rasl2tp - ok 20:40:17.0646 2332 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 20:40:17.0646 2332 RasMan - ok 20:40:17.0678 2332 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 20:40:17.0678 2332 RasPppoe - ok 20:40:17.0678 2332 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 20:40:17.0678 2332 RasSstp - ok 20:40:17.0709 2332 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 20:40:17.0724 2332 rdbss - ok 20:40:17.0740 2332 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:40:17.0740 2332 RDPCDD - ok 20:40:17.0787 2332 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys 20:40:17.0787 2332 rdpdr - ok 20:40:17.0787 2332 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 20:40:17.0787 2332 RDPENCDD - ok 20:40:17.0834 2332 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys 20:40:17.0834 2332 RDPWD - ok 20:40:17.0865 2332 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll 20:40:17.0865 2332 RemoteAccess - ok 20:40:17.0896 2332 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 20:40:17.0896 2332 RemoteRegistry - ok 20:40:17.0927 2332 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 20:40:17.0927 2332 RFCOMM - ok 20:40:17.0958 2332 RICOH SmartCard Reader (470fc46e2989f6606043c1c5365b15fd) C:\Windows\system32\DRIVERS\rismc32.sys 20:40:17.0958 2332 RICOH SmartCard Reader - ok 20:40:18.0005 2332 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys 20:40:18.0005 2332 
rimmptsk - ok 20:40:18.0021 2332 rismc32 (470fc46e2989f6606043c1c5365b15fd) C:\Windows\system32\DRIVERS\rismc32.sys 20:40:18.0021 2332 rismc32 - ok 20:40:18.0036 2332 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 20:40:18.0036 2332 RpcLocator - ok 20:40:18.0099 2332 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 20:40:18.0099 2332 RpcSs - ok 20:40:18.0130 2332 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 20:40:18.0130 2332 rspndr - ok 20:40:18.0146 2332 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 20:40:18.0146 2332 SamSs - ok 20:40:18.0177 2332 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 20:40:18.0177 2332 sbp2port - ok 20:40:18.0192 2332 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 20:40:18.0192 2332 SCardSvr - ok 20:40:18.0270 2332 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 20:40:18.0270 2332 Schedule - ok 20:40:18.0302 2332 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 20:40:18.0302 2332 SCPolicySvc - ok 20:40:18.0333 2332 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 20:40:18.0333 2332 sdbus - ok 20:40:18.0380 2332 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 20:40:18.0380 2332 SDRSVC - ok 20:40:18.0395 2332 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 20:40:18.0395 2332 secdrv - ok 20:40:18.0411 2332 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 20:40:18.0411 2332 seclogon - ok 20:40:18.0411 2332 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll 20:40:18.0426 2332 SENS - ok 20:40:18.0442 2332 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys 20:40:18.0442 2332 Serenum - ok 20:40:18.0473 2332 Serial 
(c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys 20:40:18.0473 2332 Serial - ok 20:40:18.0489 2332 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 20:40:18.0489 2332 sermouse - ok 20:40:18.0504 2332 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 20:40:18.0504 2332 SessionEnv - ok 20:40:18.0504 2332 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 20:40:18.0504 2332 sffdisk - ok 20:40:18.0504 2332 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 20:40:18.0504 2332 sffp_mmc - ok 20:40:18.0520 2332 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 20:40:18.0520 2332 sffp_sd - ok 20:40:18.0536 2332 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 20:40:18.0536 2332 sfloppy - ok 20:40:18.0582 2332 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 20:40:18.0598 2332 ShellHWDetection - ok 20:40:18.0598 2332 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 20:40:18.0598 2332 sisagp - ok 20:40:18.0598 2332 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 20:40:18.0598 2332 SiSRaid2 - ok 20:40:18.0629 2332 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 20:40:18.0629 2332 SiSRaid4 - ok 20:40:18.0816 2332 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 20:40:18.0832 2332 slsvc - ok 20:40:18.0941 2332 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 20:40:18.0941 2332 SLUINotify - ok 20:40:18.0957 2332 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 20:40:18.0972 2332 Smb - ok 20:40:19.0004 2332 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 20:40:19.0004 2332 SNMPTRAP - ok 20:40:19.0035 2332 spldr 
(7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 20:40:19.0035 2332 spldr - ok 20:40:19.0066 2332 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 20:40:19.0066 2332 Spooler - ok 20:40:19.0113 2332 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 20:40:19.0144 2332 srv - ok 20:40:19.0191 2332 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 20:40:19.0191 2332 srv2 - ok 20:40:19.0222 2332 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 20:40:19.0222 2332 srvnet - ok 20:40:19.0238 2332 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 20:40:19.0253 2332 SSDPSRV - ok 20:40:19.0284 2332 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 20:40:19.0300 2332 SstpSvc - ok 20:40:19.0347 2332 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 20:40:19.0347 2332 stisvc - ok 20:40:19.0378 2332 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 20:40:19.0378 2332 swenum - ok 20:40:19.0425 2332 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 20:40:19.0425 2332 swprv - ok 20:40:19.0456 2332 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 20:40:19.0456 2332 Symc8xx - ok 20:40:19.0472 2332 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 20:40:19.0472 2332 Sym_hi - ok 20:40:19.0472 2332 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 20:40:19.0472 2332 Sym_u3 - ok 20:40:19.0581 2332 SynTP (0e8676fb3bb95aa40fdf7a4a31018c8b) C:\Windows\system32\DRIVERS\SynTP.sys 20:40:19.0612 2332 SynTP - ok 20:40:19.0706 2332 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 20:40:19.0721 2332 SysMain - ok 20:40:19.0752 2332 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 
20:40:19.0752 2332 TabletInputService - ok 20:40:19.0784 2332 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 20:40:19.0784 2332 TapiSrv - ok 20:40:19.0815 2332 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 20:40:19.0815 2332 TBS - ok 20:40:19.0924 2332 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys 20:40:19.0940 2332 Tcpip - ok 20:40:19.0940 2332 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys 20:40:19.0955 2332 Tcpip6 - ok 20:40:19.0986 2332 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 20:40:19.0986 2332 tcpipreg - ok 20:40:20.0018 2332 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 20:40:20.0018 2332 TDPIPE - ok 20:40:20.0033 2332 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 20:40:20.0033 2332 TDTCP - ok 20:40:20.0064 2332 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 20:40:20.0064 2332 tdx - ok 20:40:20.0096 2332 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 20:40:20.0096 2332 TermDD - ok 20:40:20.0142 2332 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 20:40:20.0158 2332 TermService - ok 20:40:20.0205 2332 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 20:40:20.0205 2332 Themes - ok 20:40:20.0236 2332 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 20:40:20.0236 2332 THREADORDER - ok 20:40:20.0283 2332 TPM (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys 20:40:20.0283 2332 TPM - ok 20:40:20.0314 2332 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 20:40:20.0314 2332 TrkWks - ok 20:40:20.0361 2332 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 20:40:20.0361 2332 TrustedInstaller - ok 20:40:20.0408 2332 
tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:40:20.0408 2332 tssecsrv - ok 20:40:20.0423 2332 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 20:40:20.0423 2332 tunmp - ok 20:40:20.0454 2332 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 20:40:20.0454 2332 tunnel - ok 20:40:20.0486 2332 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 20:40:20.0486 2332 uagp35 - ok 20:40:20.0517 2332 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 20:40:20.0517 2332 udfs - ok 20:40:20.0564 2332 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 20:40:20.0579 2332 UI0Detect - ok 20:40:20.0595 2332 UIUSys - ok 20:40:20.0626 2332 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 20:40:20.0626 2332 uliagpkx - ok 20:40:20.0657 2332 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 20:40:20.0657 2332 uliahci - ok 20:40:20.0657 2332 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 20:40:20.0657 2332 UlSata - ok 20:40:20.0688 2332 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 20:40:20.0688 2332 ulsata2 - ok 20:40:20.0704 2332 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 20:40:20.0704 2332 umbus - ok 20:40:20.0751 2332 UmRdpService (8a66360f38f81e960e2367b428cbd5d9) C:\Windows\System32\umrdp.dll 20:40:20.0766 2332 UmRdpService - ok 20:40:20.0876 2332 UMVPFSrv (927754abf077aeb5504be4e0f2c60c1b) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 20:40:20.0891 2332 UMVPFSrv - ok 20:40:21.0000 2332 UNS (74cd456c408a6343a759a57efd6d1bce) C:\Program Files\Intel\AMT\UNS.exe 20:40:21.0016 2332 UNS - ok 20:40:21.0141 2332 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 20:40:21.0141 2332 upnphost - ok 
20:40:21.0203 2332 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 20:40:21.0203 2332 usbaudio - ok 20:40:21.0219 2332 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 20:40:21.0219 2332 usbccgp - ok 20:40:21.0250 2332 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 20:40:21.0250 2332 usbcir - ok 20:40:21.0297 2332 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 20:40:21.0297 2332 usbehci - ok 20:40:21.0328 2332 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 20:40:21.0328 2332 usbhub - ok 20:40:21.0344 2332 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 20:40:21.0344 2332 usbohci - ok 20:40:21.0359 2332 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 20:40:21.0359 2332 usbprint - ok 20:40:21.0375 2332 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:40:21.0375 2332 USBSTOR - ok 20:40:21.0390 2332 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 20:40:21.0390 2332 usbuhci - ok 20:40:21.0437 2332 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 20:40:21.0437 2332 usbvideo - ok 20:40:21.0468 2332 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 20:40:21.0468 2332 UxSms - ok 20:40:21.0531 2332 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 20:40:21.0546 2332 vds - ok 20:40:21.0593 2332 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 20:40:21.0593 2332 vga - ok 20:40:21.0609 2332 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 20:40:21.0624 2332 VgaSave - ok 20:40:21.0624 2332 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 20:40:21.0624 2332 viaagp - ok 20:40:21.0656 2332 ViaC7 
     20:40:24.0620 2332 Scan finished
     20:40:24.0635 2220 Detected object count: 0
     20:40:24.0635 2220 Actual detected object count: 0
  14. I tried this last option. Now there is a file named ComboFix on my C partition (with a computer icon). When I double-click it, I end up in the "Computer" folder. There is still no log in it. PS: every now and then I get a notification from MBAM that something has been found and that it is being placed in the quarantine list. Do I need to do anything else about this?