Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirects, shows no search results or does not open page


  • Please log in to reply
11 replies to this topic

#1 HoloX

HoloX

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 05 February 2013 - 05:10 PM

Hi all,

I'm really desperate, so hopefully someone has the answer for me. The problem began with Google that redirected to some weird (search) sites. So I ran every Spyware/malware/virus there is on the net (almost..) and not even one did found anything. Also ran rootkit tdsskiller but nothing. After all the tries there are some things changed:

It does not redirect anymore but:

- In chrome, google often does not show results, not after pressing enter or pushing the searchglass. Nothing. It keeps saying that Google Dynamics is not available. Even when I put settings to 'Always use Google dynamics searching'. It changes back automatically.

- In chrome google I can't open Ad links and sometimes no links out of the results. Nothing shows up when I click it, just blank white page.

- I had the same issues in IE, but it seems to work fine actually now.. not sure for how long.

- I can't run Microsoft Security Essentials and I cannot enable Windows Security Center. Although I did run this in Safe mode, did not found anything.

So after all the scans and programs I run, I tried Combofix but nothing changed. I will run it again for the log if someone needs it.

Please help me, thanks in advance.

Edited by hamluis, 05 February 2013 - 05:50 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:00 AM

Posted 05 February 2013 - 05:18 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 HoloX

HoloX
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 06 February 2013 - 07:01 AM

Alright, tried these things you said. TDSSKiller worked and I've got the logfile. aswMBR crashed in normal mode AND in Safe mode with networking. Eset online stopped two times when it was downloading the virus definitions, it said 'No proxy found' or something like that. The third time it ran normally.

The TDSSkiller log:

09:43:39.0743 5836 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:43:39.0946 5836 ============================================================
09:43:39.0946 5836 Current date / time: 2013/02/06 09:43:39.0946
09:43:39.0946 5836 SystemInfo:
09:43:39.0946 5836
09:43:39.0946 5836 OS Version: 6.1.7601 ServicePack: 1.0
09:43:39.0946 5836 Product type: Workstation
09:43:39.0946 5836 ComputerName: SIMONE-PC
09:43:39.0946 5836 UserName: Simone
09:43:39.0946 5836 Windows directory: C:\Windows
09:43:39.0946 5836 System windows directory: C:\Windows
09:43:39.0946 5836 Running under WOW64
09:43:39.0946 5836 Processor architecture: Intel x64
09:43:39.0946 5836 Number of processors: 4
09:43:39.0946 5836 Page size: 0x1000
09:43:39.0946 5836 Boot type: Normal boot
09:43:39.0946 5836 ============================================================
09:43:42.0941 5836 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:43:42.0941 5836 ============================================================
09:43:42.0941 5836 \Device\Harddisk0\DR0:
09:43:42.0941 5836 MBR partitions:
09:43:42.0941 5836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDE7B000
09:43:42.0941 5836 ============================================================
09:43:42.0957 5836 C: <-> \Device\Harddisk0\DR0\Partition1
09:43:42.0957 5836 ============================================================
09:43:42.0957 5836 Initialize success
09:43:42.0957 5836 ============================================================
09:43:48.0074 6044 ============================================================
09:43:48.0074 6044 Scan started
09:43:48.0074 6044 Mode: Manual;
09:43:48.0074 6044 ============================================================
09:43:49.0556 6044 ================ Scan system memory ========================
09:43:49.0556 6044 System memory - ok
09:43:49.0556 6044 ================ Scan services =============================
09:43:49.0712 6044 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:43:49.0712 6044 1394ohci - ok
09:43:49.0727 6044 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:43:49.0743 6044 ACPI - ok
09:43:49.0774 6044 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:43:49.0774 6044 AcpiPmi - ok
09:43:49.0805 6044 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:43:49.0805 6044 AdobeARMservice - ok
09:43:49.0852 6044 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:43:49.0868 6044 AdobeFlashPlayerUpdateSvc - ok
09:43:49.0883 6044 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:43:49.0899 6044 adp94xx - ok
09:43:49.0915 6044 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:43:49.0930 6044 adpahci - ok
09:43:49.0946 6044 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:43:49.0946 6044 adpu320 - ok
09:43:49.0961 6044 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:43:49.0961 6044 AeLookupSvc - ok
09:43:49.0993 6044 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:43:49.0993 6044 AFD - ok
09:43:50.0008 6044 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:43:50.0008 6044 agp440 - ok
09:43:50.0024 6044 [ 16F6F6B7903B913AB41AB848C8BB5658 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
09:43:50.0024 6044 AiCharger - ok
09:43:50.0039 6044 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:43:50.0039 6044 ALG - ok
09:43:50.0039 6044 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:43:50.0055 6044 aliide - ok
09:43:50.0055 6044 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:43:50.0055 6044 amdide - ok
09:43:50.0071 6044 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:43:50.0071 6044 AmdK8 - ok
09:43:50.0086 6044 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:43:50.0086 6044 AmdPPM - ok
09:43:50.0102 6044 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:43:50.0102 6044 amdsata - ok
09:43:50.0117 6044 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:43:50.0117 6044 amdsbs - ok
09:43:50.0133 6044 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:43:50.0133 6044 amdxata - ok
09:43:50.0149 6044 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
09:43:50.0149 6044 AppHostSvc - ok
09:43:50.0164 6044 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:43:50.0164 6044 AppID - ok
09:43:50.0180 6044 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:43:50.0180 6044 AppIDSvc - ok
09:43:50.0195 6044 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:43:50.0195 6044 Appinfo - ok
09:43:50.0211 6044 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:43:50.0211 6044 arc - ok
09:43:50.0227 6044 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:43:50.0227 6044 arcsas - ok
09:43:50.0242 6044 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
09:43:50.0242 6044 ASLDRService - ok
09:43:50.0242 6044 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:43:50.0258 6044 ASMMAP64 - ok
09:43:50.0305 6044 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:43:50.0305 6044 aspnet_state - ok
09:43:50.0305 6044 [ C7F7FA07C719A43ADBA5674F27893278 ] assd C:\Windows\system32\drivers\assd.sys
09:43:50.0336 6044 assd - ok
09:43:50.0351 6044 [ 8165C8825C726A7D5EFDF863A2D1C28F ] ASUS InstantOn C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
09:43:50.0351 6044 ASUS InstantOn - ok
09:43:50.0351 6044 [ CBF4C9263F35A9E80E4AD5CBBAE6049C ] AsusVBus C:\Windows\system32\DRIVERS\AsusVBus.sys
09:43:50.0367 6044 AsusVBus - ok
09:43:50.0367 6044 [ C951F6F1D909E1AAD7160D9EE860A3F1 ] AsusVTouch C:\Windows\system32\DRIVERS\AsusVTouch.sys
09:43:50.0367 6044 AsusVTouch - ok
09:43:50.0383 6044 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:43:50.0383 6044 AsyncMac - ok
09:43:50.0398 6044 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:43:50.0398 6044 atapi - ok
09:43:50.0414 6044 [ 185F180536188C1A4ED605234721A5B9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
09:43:50.0414 6044 AthBTPort - ok
09:43:50.0429 6044 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
09:43:50.0429 6044 Atheros Bt&Wlan Coex Agent - ok
09:43:50.0445 6044 [ 944D401B4DB9C64E78E9EDB6690F7368 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
09:43:50.0445 6044 AtherosSvc - ok
09:43:50.0492 6044 [ 7D0398396727195CC73D703001D3CFF4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:43:50.0570 6044 athr - ok
09:43:50.0585 6044 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:43:50.0585 6044 ATKGFNEXSrv - ok
09:43:50.0585 6044 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:43:50.0585 6044 ATKWMIACPIIO - ok
09:43:50.0617 6044 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:43:50.0632 6044 AudioEndpointBuilder - ok
09:43:50.0648 6044 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:43:50.0663 6044 AudioSrv - ok
09:43:50.0663 6044 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:43:50.0679 6044 AxInstSV - ok
09:43:50.0695 6044 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:43:50.0695 6044 b06bdrv - ok
09:43:50.0710 6044 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:43:50.0726 6044 b57nd60a - ok
09:43:50.0741 6044 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:43:50.0741 6044 BDESVC - ok
09:43:50.0741 6044 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:43:50.0757 6044 Beep - ok
09:43:50.0773 6044 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:43:50.0788 6044 BFE - ok
09:43:50.0804 6044 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:43:50.0819 6044 BITS - ok
09:43:50.0835 6044 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:43:50.0835 6044 blbdrive - ok
09:43:50.0835 6044 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:43:50.0851 6044 bowser - ok
09:43:50.0851 6044 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:43:50.0851 6044 BrFiltLo - ok
09:43:50.0866 6044 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:43:50.0866 6044 BrFiltUp - ok
09:43:50.0866 6044 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:43:50.0882 6044 BridgeMP - ok
09:43:50.0882 6044 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:43:50.0882 6044 Browser - ok
09:43:50.0897 6044 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:43:50.0913 6044 Brserid - ok
09:43:50.0913 6044 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:43:50.0929 6044 BrSerWdm - ok
09:43:50.0929 6044 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:43:50.0929 6044 BrUsbMdm - ok
09:43:50.0944 6044 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:43:50.0944 6044 BrUsbSer - ok
09:43:50.0960 6044 [ D74A81CCF0372C955862692B7AF272C9 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
09:43:50.0960 6044 BTATH_A2DP - ok
09:43:50.0975 6044 [ 3118072D09DAA1961A9F6549A4E8433A ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
09:43:50.0975 6044 btath_avdt - ok
09:43:50.0991 6044 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
09:43:50.0991 6044 BTATH_BUS - ok
09:43:51.0007 6044 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
09:43:51.0007 6044 BTATH_HCRP - ok
09:43:51.0007 6044 [ 8008D892A2BDA67EEFBE25E14EB5DC83 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
09:43:51.0022 6044 BTATH_LWFLT - ok
09:43:51.0022 6044 [ 58535686697E5E82EC3A87938AC3DA54 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
09:43:51.0038 6044 BTATH_RCP - ok
09:43:51.0053 6044 [ 3DF6C4913A683C76F29F376EE814221E ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
09:43:51.0069 6044 BtFilter - ok
09:43:51.0085 6044 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:43:51.0085 6044 BthEnum - ok
09:43:51.0085 6044 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:43:51.0085 6044 BTHMODEM - ok
09:43:51.0100 6044 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:43:51.0100 6044 BthPan - ok
09:43:51.0131 6044 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
09:43:51.0147 6044 BTHPORT - ok
09:43:51.0163 6044 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:43:51.0163 6044 bthserv - ok
09:43:51.0178 6044 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
09:43:51.0178 6044 BTHUSB - ok
09:43:51.0194 6044 catchme - ok
09:43:51.0194 6044 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:43:51.0194 6044 cdfs - ok
09:43:51.0209 6044 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:43:51.0209 6044 cdrom - ok
09:43:51.0225 6044 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:43:51.0225 6044 CertPropSvc - ok
09:43:51.0241 6044 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:43:51.0241 6044 circlass - ok
09:43:51.0256 6044 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:43:51.0256 6044 CLFS - ok
09:43:51.0272 6044 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:43:51.0272 6044 clr_optimization_v2.0.50727_32 - ok
09:43:51.0287 6044 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:43:51.0287 6044 clr_optimization_v2.0.50727_64 - ok
09:43:51.0303 6044 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:43:51.0319 6044 clr_optimization_v4.0.30319_32 - ok
09:43:51.0319 6044 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:43:51.0319 6044 clr_optimization_v4.0.30319_64 - ok
09:43:51.0334 6044 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:43:51.0334 6044 CmBatt - ok
09:43:51.0350 6044 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:43:51.0350 6044 cmdide - ok
09:43:51.0365 6044 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:43:51.0365 6044 CNG - ok
09:43:51.0381 6044 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:43:51.0381 6044 Compbatt - ok
09:43:51.0397 6044 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:43:51.0397 6044 CompositeBus - ok
09:43:51.0397 6044 COMSysApp - ok
09:43:51.0412 6044 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:43:51.0412 6044 crcdisk - ok
09:43:51.0428 6044 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:43:51.0428 6044 CryptSvc - ok
09:43:51.0443 6044 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:43:51.0459 6044 DcomLaunch - ok
09:43:51.0475 6044 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:43:51.0475 6044 defragsvc - ok
09:43:51.0490 6044 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:43:51.0490 6044 DfsC - ok
09:43:51.0506 6044 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:43:51.0521 6044 Dhcp - ok
09:43:51.0521 6044 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:43:51.0521 6044 discache - ok
09:43:51.0537 6044 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:43:51.0537 6044 Disk - ok
09:43:51.0553 6044 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:43:51.0553 6044 Dnscache - ok
09:43:51.0568 6044 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:43:51.0568 6044 dot3svc - ok
09:43:51.0584 6044 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
09:43:51.0584 6044 Dot4 - ok
09:43:51.0599 6044 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:43:51.0599 6044 Dot4Print - ok
09:43:51.0599 6044 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
09:43:51.0599 6044 dot4usb - ok
09:43:51.0615 6044 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:43:51.0615 6044 DPS - ok
09:43:51.0631 6044 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:43:51.0631 6044 drmkaud - ok
09:43:51.0646 6044 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
09:43:51.0646 6044 dtsoftbus01 - ok
09:43:51.0677 6044 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:43:51.0693 6044 DXGKrnl - ok
09:43:51.0693 6044 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:43:51.0709 6044 EapHost - ok
09:43:51.0755 6044 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:43:51.0802 6044 ebdrv - ok
09:43:51.0818 6044 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:43:51.0818 6044 EFS - ok
09:43:51.0911 6044 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:43:51.0927 6044 ehRecvr - ok
09:43:51.0927 6044 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:43:51.0927 6044 ehSched - ok
09:43:51.0958 6044 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:43:51.0974 6044 elxstor - ok
09:43:51.0974 6044 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:43:51.0974 6044 ErrDev - ok
09:43:51.0989 6044 [ 0AB0BF50DD61BF0CA16CF739622A424F ] ETD C:\Windows\system32\DRIVERS\ETD.sys
09:43:52.0005 6044 ETD - ok
09:43:52.0021 6044 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:43:52.0021 6044 EventSystem - ok
09:43:52.0036 6044 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:43:52.0052 6044 exfat - ok
09:43:52.0052 6044 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:43:52.0067 6044 fastfat - ok
09:43:52.0083 6044 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:43:52.0099 6044 Fax - ok
09:43:52.0099 6044 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:43:52.0114 6044 fdc - ok
09:43:52.0114 6044 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:43:52.0114 6044 fdPHost - ok
09:43:52.0130 6044 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:43:52.0130 6044 FDResPub - ok
09:43:52.0145 6044 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:43:52.0145 6044 FileInfo - ok
09:43:52.0161 6044 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:43:52.0161 6044 Filetrace - ok
09:43:52.0177 6044 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:43:52.0177 6044 flpydisk - ok
09:43:52.0192 6044 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:43:52.0192 6044 FltMgr - ok
09:43:52.0208 6044 [ D1F3B32C69AE1366C62D23C8D2B66C74 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
09:43:52.0223 6044 FLxHCIc - ok
09:43:52.0223 6044 [ 8FA683D2F75B1DC1A68FE7C1B05A1A39 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
09:43:52.0223 6044 FLxHCIh - ok
09:43:52.0255 6044 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:43:52.0286 6044 FontCache - ok
09:43:52.0286 6044 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:43:52.0286 6044 FontCache3.0.0.0 - ok
09:43:52.0301 6044 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:43:52.0301 6044 FsDepends - ok
09:43:52.0317 6044 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:43:52.0317 6044 Fs_Rec - ok
09:43:52.0317 6044 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:43:52.0333 6044 fvevol - ok
09:43:52.0333 6044 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:43:52.0348 6044 gagp30kx - ok
09:43:52.0364 6044 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:43:52.0379 6044 gpsvc - ok
09:43:52.0395 6044 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:43:52.0395 6044 gupdate - ok
09:43:52.0395 6044 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:43:52.0395 6044 gupdatem - ok
09:43:52.0411 6044 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:43:52.0411 6044 hcw85cir - ok
09:43:52.0426 6044 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:43:52.0442 6044 HdAudAddService - ok
09:43:52.0442 6044 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:43:52.0442 6044 HDAudBus - ok
09:43:52.0457 6044 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:43:52.0457 6044 HidBatt - ok
09:43:52.0473 6044 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:43:52.0473 6044 HidBth - ok
09:43:52.0489 6044 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:43:52.0489 6044 HidIr - ok
09:43:52.0489 6044 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
09:43:52.0489 6044 hidserv - ok
09:43:52.0504 6044 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:43:52.0504 6044 HidUsb - ok
09:43:52.0520 6044 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:43:52.0520 6044 hkmsvc - ok
09:43:52.0535 6044 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:43:52.0535 6044 HomeGroupListener - ok
09:43:52.0551 6044 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:43:52.0567 6044 HomeGroupProvider - ok
09:43:52.0582 6044 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:43:52.0582 6044 HpSAMD - ok
09:43:52.0613 6044 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
09:43:52.0613 6044 HPSLPSVC - ok
09:43:52.0645 6044 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:43:52.0660 6044 HTTP - ok
09:43:52.0660 6044 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:43:52.0660 6044 hwpolicy - ok
09:43:52.0676 6044 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:43:52.0676 6044 i8042prt - ok
09:43:52.0691 6044 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:43:52.0707 6044 iaStor - ok
09:43:52.0723 6044 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:43:52.0738 6044 iaStorV - ok
09:43:52.0754 6044 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:43:52.0769 6044 idsvc - ok
09:43:52.0972 6044 [ 0089B53F1BEFD34B7D8CA4AB021335FA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:43:53.0144 6044 igfx - ok
09:43:53.0175 6044 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:43:53.0175 6044 iirsp - ok
09:43:53.0206 6044 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:43:53.0222 6044 IKEEXT - ok
09:43:53.0284 6044 [ E7E0E8F2F44BCB48143FBBA70106D8C1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:43:53.0331 6044 IntcAzAudAddService - ok
09:43:53.0347 6044 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
09:43:53.0347 6044 IntcDAud - ok
09:43:53.0362 6044 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:43:53.0362 6044 intelide - ok
09:43:53.0362 6044 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:43:53.0362 6044 intelppm - ok
09:43:53.0378 6044 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:43:53.0378 6044 IPBusEnum - ok
09:43:53.0393 6044 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:43:53.0393 6044 IpFilterDriver - ok
09:43:53.0409 6044 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:43:53.0425 6044 iphlpsvc - ok
09:43:53.0440 6044 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:43:53.0440 6044 IPMIDRV - ok
09:43:53.0440 6044 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:43:53.0456 6044 IPNAT - ok
09:43:53.0456 6044 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:43:53.0456 6044 IRENUM - ok
09:43:53.0456 6044 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:43:53.0471 6044 isapnp - ok
09:43:53.0471 6044 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:43:53.0487 6044 iScsiPrt - ok
09:43:53.0487 6044 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:43:53.0487 6044 kbdclass - ok
09:43:53.0503 6044 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:43:53.0503 6044 kbdhid - ok
09:43:53.0518 6044 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
09:43:53.0518 6044 kbfiltr - ok
09:43:53.0518 6044 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:43:53.0518 6044 KeyIso - ok
09:43:53.0534 6044 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:43:53.0534 6044 KSecDD - ok
09:43:53.0534 6044 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:43:53.0549 6044 KSecPkg - ok
09:43:53.0549 6044 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:43:53.0549 6044 ksthunk - ok
09:43:53.0565 6044 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:43:53.0581 6044 KtmRm - ok
09:43:53.0581 6044 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
09:43:53.0581 6044 L1C - ok
09:43:53.0596 6044 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:43:53.0612 6044 LanmanServer - ok
09:43:53.0612 6044 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:43:53.0627 6044 LanmanWorkstation - ok
09:43:53.0627 6044 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:43:53.0643 6044 lltdio - ok
09:43:53.0643 6044 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:43:53.0659 6044 lltdsvc - ok
09:43:53.0659 6044 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:43:53.0674 6044 lmhosts - ok
09:43:53.0690 6044 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:43:53.0690 6044 LMS - ok
09:43:53.0705 6044 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:43:53.0705 6044 LSI_FC - ok
09:43:53.0705 6044 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:43:53.0721 6044 LSI_SAS - ok
09:43:53.0721 6044 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:43:53.0721 6044 LSI_SAS2 - ok
09:43:53.0737 6044 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:43:53.0752 6044 LSI_SCSI - ok
09:43:53.0752 6044 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:43:53.0752 6044 luafv - ok
09:43:53.0768 6044 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:43:53.0768 6044 Mcx2Svc - ok
09:43:53.0783 6044 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:43:53.0783 6044 megasas - ok
09:43:53.0799 6044 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:43:53.0815 6044 MegaSR - ok
09:43:53.0815 6044 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:43:53.0815 6044 MEIx64 - ok
09:43:53.0830 6044 Microsoft SharePoint Workspace Audit Service - ok
09:43:53.0846 6044 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:43:53.0846 6044 MMCSS - ok
09:43:53.0861 6044 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:43:53.0861 6044 Modem - ok
09:43:53.0861 6044 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:43:53.0877 6044 monitor - ok
09:43:53.0877 6044 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:43:53.0877 6044 mouclass - ok
09:43:53.0893 6044 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:43:53.0893 6044 mouhid - ok
09:43:53.0908 6044 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:43:53.0908 6044 mountmgr - ok
09:43:53.0924 6044 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:43:53.0924 6044 MpFilter - ok
09:43:53.0939 6044 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:43:53.0939 6044 mpio - ok
09:43:53.0955 6044 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:43:53.0955 6044 mpsdrv - ok
09:43:53.0986 6044 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:43:54.0002 6044 MpsSvc - ok
09:43:54.0017 6044 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:43:54.0033 6044 MRxDAV - ok
09:43:54.0033 6044 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:43:54.0049 6044 mrxsmb - ok
09:43:54.0064 6044 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:43:54.0064 6044 mrxsmb10 - ok
09:43:54.0080 6044 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:43:54.0080 6044 mrxsmb20 - ok
09:43:54.0095 6044 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:43:54.0095 6044 msahci - ok
09:43:54.0095 6044 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:43:54.0111 6044 msdsm - ok
09:43:54.0111 6044 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:43:54.0127 6044 MSDTC - ok
09:43:54.0142 6044 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:43:54.0142 6044 Msfs - ok
09:43:54.0158 6044 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:43:54.0158 6044 mshidkmdf - ok
09:43:54.0158 6044 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:43:54.0158 6044 msisadrv - ok
09:43:54.0173 6044 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:43:54.0189 6044 MSiSCSI - ok
09:43:54.0189 6044 msiserver - ok
09:43:54.0205 6044 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:43:54.0205 6044 MSKSSRV - ok
09:43:54.0220 6044 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:43:54.0220 6044 MsMpSvc - ok
09:43:54.0220 6044 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:43:54.0236 6044 MSPCLOCK - ok
09:43:54.0236 6044 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:43:54.0236 6044 MSPQM - ok
09:43:54.0251 6044 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:43:54.0267 6044 MsRPC - ok
09:43:54.0283 6044 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:43:54.0283 6044 mssmbios - ok
09:43:54.0283 6044 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:43:54.0283 6044 MSTEE - ok
09:43:54.0298 6044 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:43:54.0298 6044 MTConfig - ok
09:43:54.0314 6044 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:43:54.0314 6044 Mup - ok
09:43:54.0345 6044 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:43:54.0361 6044 napagent - ok
09:43:54.0376 6044 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:43:54.0392 6044 NativeWifiP - ok
09:43:54.0423 6044 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:43:54.0439 6044 NDIS - ok
09:43:54.0454 6044 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:43:54.0454 6044 NdisCap - ok
09:43:54.0470 6044 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:43:54.0470 6044 NdisTapi - ok
09:43:54.0485 6044 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:43:54.0485 6044 Ndisuio - ok
09:43:54.0501 6044 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:43:54.0501 6044 NdisWan - ok
09:43:54.0517 6044 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:43:54.0517 6044 NDProxy - ok
09:43:54.0532 6044 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:43:54.0532 6044 Net Driver HPZ12 - ok
09:43:54.0548 6044 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:43:54.0548 6044 NetBIOS - ok
09:43:54.0563 6044 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:43:54.0563 6044 NetBT - ok
09:43:54.0579 6044 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:43:54.0579 6044 Netlogon - ok
09:43:54.0595 6044 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:43:54.0610 6044 Netman - ok
09:43:54.0610 6044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:43:54.0626 6044 NetMsmqActivator - ok
09:43:54.0626 6044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:43:54.0641 6044 NetPipeActivator - ok
09:43:54.0657 6044 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:43:54.0673 6044 netprofm - ok
09:43:54.0688 6044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:43:54.0688 6044 NetTcpActivator - ok
09:43:54.0704 6044 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:43:54.0704 6044 NetTcpPortSharing - ok
09:43:54.0719 6044 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:43:54.0719 6044 nfrd960 - ok
09:43:54.0735 6044 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:43:54.0735 6044 NisDrv - ok
09:43:54.0751 6044 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:43:54.0751 6044 NisSrv - ok
09:43:54.0782 6044 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:43:54.0782 6044 NlaSvc - ok
09:43:54.0797 6044 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:43:54.0797 6044 Npfs - ok
09:43:54.0813 6044 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:43:54.0953 6044 nsi - ok
09:43:54.0969 6044 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:43:54.0969 6044 nsiproxy - ok
09:43:55.0016 6044 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:43:55.0047 6044 Ntfs - ok
09:43:55.0047 6044 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:43:55.0063 6044 Null - ok
09:43:55.0063 6044 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:43:55.0078 6044 nvraid - ok
09:43:55.0078 6044 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:43:55.0094 6044 nvstor - ok
09:43:55.0109 6044 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:43:55.0109 6044 nv_agp - ok
09:43:55.0109 6044 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:43:55.0125 6044 ohci1394 - ok
09:43:55.0125 6044 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:43:55.0141 6044 ose - ok
09:43:55.0250 6044 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:43:55.0328 6044 osppsvc - ok
09:43:55.0343 6044 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:43:55.0359 6044 p2pimsvc - ok
09:43:55.0375 6044 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:43:55.0390 6044 p2psvc - ok
09:43:55.0406 6044 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:43:55.0406 6044 Parport - ok
09:43:55.0421 6044 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:43:55.0421 6044 partmgr - ok
09:43:55.0437 6044 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:43:55.0453 6044 PcaSvc - ok
09:43:55.0468 6044 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:43:55.0468 6044 pci - ok
09:43:55.0484 6044 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:43:55.0484 6044 pciide - ok
09:43:55.0499 6044 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:43:55.0499 6044 pcmcia - ok
09:43:55.0515 6044 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:43:55.0515 6044 pcw - ok
09:43:55.0531 6044 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:43:55.0546 6044 PEAUTH - ok
09:43:55.0593 6044 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:43:55.0593 6044 PerfHost - ok
09:43:55.0655 6044 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:43:55.0687 6044 pla - ok
09:43:55.0702 6044 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:43:55.0718 6044 PlugPlay - ok
09:43:55.0718 6044 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:43:55.0733 6044 Pml Driver HPZ12 - ok
09:43:55.0733 6044 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:43:55.0733 6044 PNRPAutoReg - ok
09:43:55.0749 6044 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:43:55.0765 6044 PNRPsvc - ok
09:43:55.0780 6044 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:43:55.0796 6044 PolicyAgent - ok
09:43:55.0811 6044 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:43:55.0811 6044 Power - ok
09:43:55.0827 6044 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:43:55.0827 6044 PptpMiniport - ok
09:43:55.0843 6044 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:43:55.0843 6044 Processor - ok
09:43:55.0858 6044 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:43:55.0858 6044 ProfSvc - ok
09:43:55.0874 6044 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:43:55.0874 6044 ProtectedStorage - ok
09:43:55.0889 6044 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:43:55.0889 6044 Psched - ok
09:43:55.0921 6044 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:43:55.0952 6044 ql2300 - ok
09:43:55.0952 6044 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:43:55.0967 6044 ql40xx - ok
09:43:55.0983 6044 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:43:55.0983 6044 QWAVE - ok
09:43:55.0999 6044 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:43:55.0999 6044 QWAVEdrv - ok
09:43:55.0999 6044 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:43:56.0014 6044 RasAcd - ok
09:43:56.0014 6044 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:43:56.0014 6044 RasAgileVpn - ok
09:43:56.0030 6044 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:43:56.0030 6044 RasAuto - ok
09:43:56.0045 6044 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:43:56.0045 6044 Rasl2tp - ok
09:43:56.0061 6044 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:43:56.0061 6044 RasMan - ok
09:43:56.0077 6044 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:43:56.0077 6044 RasPppoe - ok
09:43:56.0092 6044 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:43:56.0092 6044 RasSstp - ok
09:43:56.0108 6044 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:43:56.0108 6044 rdbss - ok
09:43:56.0123 6044 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:43:56.0123 6044 rdpbus - ok
09:43:56.0123 6044 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:43:56.0123 6044 RDPCDD - ok
09:43:56.0139 6044 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:43:56.0139 6044 RDPENCDD - ok
09:43:56.0155 6044 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:43:56.0155 6044 RDPREFMP - ok
09:43:56.0170 6044 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:43:56.0170 6044 RDPWD - ok
09:43:56.0186 6044 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:43:56.0186 6044 rdyboost - ok
09:43:56.0186 6044 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:43:56.0201 6044 RemoteAccess - ok
09:43:56.0201 6044 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:43:56.0217 6044 RemoteRegistry - ok
09:43:56.0217 6044 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
09:43:56.0248 6044 Revoflt - ok
09:43:56.0248 6044 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:43:56.0264 6044 RFCOMM - ok
09:43:56.0264 6044 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:43:56.0264 6044 RpcEptMapper - ok
09:43:56.0279 6044 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:43:56.0279 6044 RpcLocator - ok
09:43:56.0295 6044 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:43:56.0311 6044 RpcSs - ok
09:43:56.0311 6044 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:43:56.0326 6044 rspndr - ok
09:43:56.0342 6044 [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
09:43:56.0342 6044 RSUSBVSTOR - ok
09:43:56.0888 6044 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:43:56.0888 6044 SamSs - ok
09:43:57.0434 6044 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:43:57.0434 6044 sbp2port - ok
09:43:57.0449 6044 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:43:57.0995 6044 SCardSvr - ok
09:43:58.0011 6044 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:43:58.0011 6044 scfilter - ok
09:43:58.0042 6044 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:43:58.0058 6044 Schedule - ok
09:43:58.0073 6044 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:43:58.0073 6044 SCPolicySvc - ok
09:43:58.0089 6044 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:43:58.0089 6044 SDRSVC - ok
09:43:58.0089 6044 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:43:58.0105 6044 secdrv - ok
09:43:58.0105 6044 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:43:58.0105 6044 seclogon - ok
09:43:58.0120 6044 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:43:58.0120 6044 SENS - ok
09:43:58.0136 6044 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:43:58.0136 6044 SensrSvc - ok
09:43:58.0151 6044 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:43:58.0151 6044 Serenum - ok
09:43:58.0151 6044 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:43:58.0167 6044 Serial - ok
09:43:58.0167 6044 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:43:58.0167 6044 sermouse - ok
09:43:58.0198 6044 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:43:58.0198 6044 SessionEnv - ok
09:43:58.0214 6044 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:43:58.0214 6044 sffdisk - ok
09:43:58.0214 6044 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:43:58.0229 6044 sffp_mmc - ok
09:43:58.0229 6044 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:43:58.0229 6044 sffp_sd - ok
09:43:58.0245 6044 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:43:58.0245 6044 sfloppy - ok
09:43:58.0261 6044 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:43:58.0276 6044 SharedAccess - ok
09:43:58.0292 6044 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:43:58.0292 6044 ShellHWDetection - ok
09:43:58.0307 6044 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
09:43:58.0307 6044 SiSGbeLH - ok
09:43:58.0323 6044 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:43:58.0323 6044 SiSRaid2 - ok
09:43:58.0339 6044 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:43:58.0339 6044 SiSRaid4 - ok
09:43:58.0354 6044 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:43:58.0354 6044 SkypeUpdate - ok
09:43:58.0370 6044 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:43:58.0370 6044 Smb - ok
09:43:58.0401 6044 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:43:58.0401 6044 SNMPTRAP - ok
09:43:58.0417 6044 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:43:58.0417 6044 spldr - ok
09:43:58.0432 6044 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:43:58.0448 6044 Spooler - ok
09:43:58.0526 6044 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:43:58.0573 6044 sppsvc - ok
09:43:58.0573 6044 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:43:58.0588 6044 sppuinotify - ok
09:43:58.0588 6044 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:43:58.0604 6044 SQLWriter - ok
09:43:58.0619 6044 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:43:58.0619 6044 srv - ok
09:43:58.0635 6044 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:43:58.0651 6044 srv2 - ok
09:43:58.0666 6044 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:43:58.0666 6044 srvnet - ok
09:43:58.0682 6044 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:43:58.0682 6044 SSDPSRV - ok
09:43:58.0697 6044 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:43:58.0697 6044 SstpSvc - ok
09:43:58.0713 6044 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:43:58.0713 6044 stexstor - ok
09:43:58.0729 6044 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
09:43:58.0729 6044 StillCam - ok
09:43:58.0744 6044 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:43:58.0760 6044 stisvc - ok
09:43:58.0775 6044 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:43:58.0775 6044 swenum - ok
09:43:58.0791 6044 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:43:58.0807 6044 swprv - ok
09:43:58.0838 6044 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:43:58.0869 6044 SysMain - ok
09:43:58.0869 6044 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:43:58.0885 6044 TabletInputService - ok
09:43:58.0900 6044 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:43:58.0900 6044 TapiSrv - ok
09:43:58.0916 6044 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:43:58.0916 6044 TBS - ok
09:43:58.0963 6044 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:43:58.0994 6044 Tcpip - ok
09:43:59.0041 6044 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:43:59.0056 6044 TCPIP6 - ok
09:43:59.0072 6044 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:43:59.0072 6044 tcpipreg - ok
09:43:59.0087 6044 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:43:59.0087 6044 TDPIPE - ok
09:43:59.0103 6044 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:43:59.0103 6044 TDTCP - ok
09:43:59.0119 6044 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:43:59.0119 6044 tdx - ok
09:43:59.0119 6044 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:43:59.0119 6044 TermDD - ok
09:43:59.0150 6044 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:43:59.0181 6044 TermService - ok
09:43:59.0181 6044 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:43:59.0181 6044 Themes - ok
09:43:59.0197 6044 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:43:59.0197 6044 THREADORDER - ok
09:43:59.0212 6044 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
09:43:59.0212 6044 TPM - ok
09:43:59.0212 6044 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:43:59.0228 6044 TrkWks - ok
09:43:59.0228 6044 [ 9BF9E809FBB2D5D0403B32B15ABE5F30 ] TrojanKillerDriver C:\Windows\system32\DRIVERS\gtkdrv.sys
09:43:59.0243 6044 TrojanKillerDriver - ok
09:43:59.0259 6044 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:43:59.0259 6044 TrustedInstaller - ok
09:43:59.0275 6044 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:43:59.0275 6044 tssecsrv - ok
09:43:59.0290 6044 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:43:59.0290 6044 TsUsbFlt - ok
09:43:59.0290 6044 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:43:59.0290 6044 TsUsbGD - ok
09:43:59.0306 6044 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:43:59.0306 6044 tunnel - ok
09:43:59.0321 6044 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:43:59.0337 6044 TurboB - ok
09:43:59.0353 6044 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:43:59.0399 6044 TurboBoost - ok
09:43:59.0399 6044 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:43:59.0399 6044 uagp35 - ok
09:43:59.0415 6044 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:43:59.0431 6044 udfs - ok
09:43:59.0431 6044 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:43:59.0446 6044 UI0Detect - ok
09:43:59.0446 6044 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:43:59.0446 6044 uliagpkx - ok
09:43:59.0462 6044 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:43:59.0462 6044 umbus - ok
09:43:59.0477 6044 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:43:59.0477 6044 UmPass - ok
09:43:59.0524 6044 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:43:59.0555 6044 UNS - ok
09:43:59.0571 6044 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:43:59.0587 6044 upnphost - ok
09:43:59.0587 6044 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:43:59.0602 6044 usbccgp - ok
09:43:59.0602 6044 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:43:59.0618 6044 usbcir - ok
09:43:59.0618 6044 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:43:59.0618 6044 usbehci - ok
09:43:59.0633 6044 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:43:59.0649 6044 usbhub - ok
09:43:59.0649 6044 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:43:59.0665 6044 usbohci - ok
09:43:59.0665 6044 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:43:59.0665 6044 usbprint - ok
09:43:59.0680 6044 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:43:59.0680 6044 usbscan - ok
09:43:59.0696 6044 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:43:59.0696 6044 USBSTOR - ok
09:43:59.0696 6044 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:43:59.0711 6044 usbuhci - ok
09:43:59.0711 6044 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:43:59.0727 6044 usbvideo - ok
09:43:59.0727 6044 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:43:59.0743 6044 UxSms - ok
09:43:59.0743 6044 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:43:59.0758 6044 VaultSvc - ok
09:43:59.0758 6044 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:43:59.0758 6044 vdrvroot - ok
09:43:59.0774 6044 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:43:59.0789 6044 vds - ok
09:43:59.0805 6044 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:43:59.0805 6044 vga - ok
09:43:59.0805 6044 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:43:59.0805 6044 VgaSave - ok
09:43:59.0821 6044 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:43:59.0821 6044 vhdmp - ok
09:43:59.0836 6044 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:43:59.0836 6044 viaide - ok
09:43:59.0852 6044 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:43:59.0852 6044 volmgr - ok
09:43:59.0867 6044 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:43:59.0867 6044 volmgrx - ok
09:43:59.0883 6044 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:43:59.0899 6044 volsnap - ok
09:43:59.0899 6044 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:43:59.0914 6044 vsmraid - ok
09:43:59.0945 6044 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:44:00.0008 6044 VSS - ok
09:44:00.0023 6044 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:44:00.0023 6044 vwifibus - ok
09:44:00.0023 6044 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:44:00.0039 6044 vwififlt - ok
09:44:00.0039 6044 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:44:00.0039 6044 vwifimp - ok
09:44:00.0055 6044 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:44:00.0070 6044 W32Time - ok
09:44:00.0086 6044 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
09:44:00.0101 6044 W3SVC - ok
09:44:00.0101 6044 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:44:00.0117 6044 WacomPen - ok
09:44:00.0117 6044 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:44:00.0117 6044 WANARP - ok
09:44:00.0133 6044 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:44:00.0133 6044 Wanarpv6 - ok
09:44:00.0148 6044 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
09:44:00.0164 6044 WAS - ok
09:44:00.0195 6044 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:44:00.0211 6044 WatAdminSvc - ok
09:44:00.0242 6044 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:44:00.0273 6044 wbengine - ok
09:44:00.0289 6044 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:44:00.0289 6044 WbioSrvc - ok
09:44:00.0304 6044 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:44:00.0320 6044 wcncsvc - ok
09:44:00.0320 6044 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:44:00.0335 6044 WcsPlugInService - ok
09:44:00.0335 6044 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:44:00.0335 6044 Wd - ok
09:44:00.0367 6044 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:44:00.0382 6044 Wdf01000 - ok
09:44:00.0382 6044 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:44:00.0398 6044 WdiServiceHost - ok
09:44:00.0398 6044 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:44:00.0398 6044 WdiSystemHost - ok
09:44:00.0413 6044 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:44:00.0429 6044 WebClient - ok
09:44:00.0445 6044 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:44:00.0445 6044 Wecsvc - ok
09:44:00.0460 6044 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:44:00.0460 6044 wercplsupport - ok
09:44:00.0476 6044 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:44:00.0476 6044 WerSvc - ok
09:44:00.0491 6044 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:44:00.0491 6044 WfpLwf - ok
09:44:00.0507 6044 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:44:00.0507 6044 WimFltr - ok
09:44:00.0507 6044 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:44:00.0523 6044 WIMMount - ok
09:44:00.0585 6044 WinDefend - ok
09:44:00.0616 6044 WinHttpAutoProxySvc - ok
09:44:00.0632 6044 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:44:00.0632 6044 Winmgmt - ok
09:44:00.0679 6044 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:44:00.0710 6044 WinRM - ok
09:44:00.0725 6044 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:44:00.0741 6044 WinUsb - ok
09:44:00.0757 6044 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:44:00.0772 6044 Wlansvc - ok
09:44:00.0788 6044 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:44:00.0788 6044 wlcrasvc - ok
09:44:00.0835 6044 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:44:00.0866 6044 wlidsvc - ok
09:44:00.0866 6044 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:44:00.0881 6044 WmiAcpi - ok
09:44:00.0897 6044 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:44:00.0897 6044 wmiApSrv - ok
09:44:00.0913 6044 WMPNetworkSvc - ok
09:44:00.0913 6044 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:44:00.0928 6044 WPCSvc - ok
09:44:00.0928 6044 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:44:00.0944 6044 WPDBusEnum - ok
09:44:00.0944 6044 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:44:00.0944 6044 ws2ifsl - ok
09:44:00.0959 6044 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
09:44:00.0959 6044 wscsvc - ok
09:44:00.0975 6044 WSearch - ok
09:44:01.0022 6044 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:44:01.0069 6044 wuauserv - ok
09:44:01.0069 6044 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:44:01.0084 6044 WudfPf - ok
09:44:01.0084 6044 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:44:01.0100 6044 WUDFRd - ok
09:44:01.0100 6044 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:44:01.0115 6044 wudfsvc - ok
09:44:01.0131 6044 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:44:01.0131 6044 WwanSvc - ok
09:44:01.0147 6044 ================ Scan global ===============================
09:44:01.0162 6044 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:44:01.0178 6044 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:44:01.0178 6044 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:44:01.0209 6044 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:44:01.0225 6044 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:44:01.0240 6044 [Global] - ok
09:44:01.0240 6044 ================ Scan MBR ==================================
09:44:01.0240 6044 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:44:01.0552 6044 \Device\Harddisk0\DR0 - ok
09:44:01.0552 6044 ================ Scan VBR ==================================
09:44:01.0568 6044 [ BBF076793E8DD661C79AFBDF3EEEBA41 ] \Device\Harddisk0\DR0\Partition1
09:44:01.0568 6044 \Device\Harddisk0\DR0\Partition1 - ok
09:44:01.0568 6044 ============================================================
09:44:01.0568 6044 Scan finished
09:44:01.0568 6044 ============================================================
09:44:01.0599 6036 Detected object count: 0
09:44:01.0599 6036 Actual detected object count: 0
09:45:08.0820 5832 Deinitialize success


The ESET Online did not found any threats and there was no button List of found threats.

Thanks for your help

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:00 AM

Posted 06 February 2013 - 07:08 AM

Please try to run ESET scan in safemode with networking

All these scans should be run in normal mode

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 HoloX

HoloX
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 06 February 2013 - 10:27 AM

Okay, run all the scans. After I did this, chrome looked to work good. But after a restart it was the same back again..

The logfiles:




Malware bytes:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Databaseversie: v2013.02.06.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Simone :: SIMONE-PC [administrator]

6-2-2013 14:32:33
mbam-log-2013-02-06 (14-32-33).txt

Scan type: Volledige scan (C:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 420163
Verstreken tijd: 47 minuut/minuten, 56 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)

___________________________________________________________


Minitoolbox:

MiniToolBox by Farbar Version:10-01-2013
Ran by Simone (administrator) on 06-02-2013 at 15:23:38
Running from "C:\Users\Simone\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP-configuratie

De DNS-omzettingscache is leeggemaakt.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9485WB-EG Wireless Network Adapter = Draadloze netwerkverbinding (Connected)
Microsoft Virtual WiFi Miniport Adapter = Draadloze netwerkverbinding 2 (Media disconnected)


# ----------------------------------
# IPv4-configuratie
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# Einde van IPv4-configuratie



Windows IP-configuratie

Hostnaam . . . . . . . . . . . . : Simone-PC
Primair DNS-achtervoegsel . . . . :
Knooppunttype . . . . . . . . . . : hybride
IP-routering ingeschakeld . . . . : nee
WINS-proxy ingeschakeld . . . . . : nee

Draadloos LAN-adapter voor Draadloze netwerkverbinding 2:

Mediumstatus. . . . . . . . . . . : medium ontkoppeld
Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Fysiek adres. . . . . . . . . . . : B6-DB-C9-00-15-3B
DHCP ingeschakeld . . . . . . . . : ja
Autom. configuratie ingeschakeld : ja

Draadloos LAN-adapter voor Draadloze netwerkverbinding:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Atheros AR9485WB-EG Wireless Network Adapter
Fysiek adres. . . . . . . . . . . : 94-DB-C9-00-15-3B
DHCP ingeschakeld . . . . . . . . : ja
Autom. configuratie ingeschakeld : ja
Link-local IPv6-adres . . . . . . : fe80::b53b:70b2:c928:ab5f%11(voorkeur)
IPv4-adres. . . . . . . . . . . . : 192.168.1.101(voorkeur)
Subnetmasker. . . . . . . . . . . : 255.255.255.0
Lease verkregen . . . . . . . . . : woensdag 6 februari 2013 14:23:43
Lease verlopen. . . . . . . . . . : donderdag 7 februari 2013 14:23:42
Standaardgateway. . . . . . . . . : 192.168.1.1
DHCP-server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 294968265
DHCPv6-client DUID. . . . . . . . : 00-01-00-01-16-F9-16-5A-94-DB-C9-00-15-3B
DNS-servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS via TCPIP . . . . . . . . : ingeschakeld

Tunnel-adapter voor isatap.{090DD886-E7D8-4089-8009-95868BF1D5DD}:

Mediumstatus. . . . . . . . . . . : medium ontkoppeld
Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter
Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja

Tunnel-adapter voor Teredo Tunneling Pseudo-Interface:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
IPv6-adres. . . . . . . . . . . . : 2001:0:5ef5:79fb:2057:2dea:3f57:fe9a(voorkeur)
Link-local IPv6-adres . . . . . . : fe80::2057:2dea:3f57:fe9a%14(voorkeur)
Standaardgateway. . . . . . . . . : ::
NetBIOS via TCPIP . . . . . . . . : uitgeschakeld
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

Naam: google.com
Addresses: 2a00:1450:400c:c03::8b
173.194.66.138
173.194.66.113
173.194.66.102
173.194.66.101
173.194.66.139
173.194.66.100


Pingen naar google.com [173.194.66.138] met 32 bytes aan gegevens:
Antwoord van 173.194.66.138: bytes=32 tijd=32 ms TTL=47
Antwoord van 173.194.66.138: bytes=32 tijd=31 ms TTL=47

Ping-statistieken voor 173.194.66.138:
Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
(0% verlies).

De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
Minimum = 31ms, Maximum = 32ms, Gemiddelde = 31ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Naam: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pingen naar yahoo.com [206.190.36.45] met 32 bytes aan gegevens:
Antwoord van 206.190.36.45: bytes=32 tijd=234 ms TTL=47
Antwoord van 206.190.36.45: bytes=32 tijd=261 ms TTL=47

Ping-statistieken voor 206.190.36.45:
Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
(0% verlies).

De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
Minimum = 234ms, Maximum = 261ms, Gemiddelde = 247ms

Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128

Ping-statistieken voor 127.0.0.1:
Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
(0% verlies).

De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
===========================================================================
Interfacelijst
15...b6 db c9 00 15 3b ......Microsoft Virtual WiFi Miniport Adapter
11...94 db c9 00 15 3b ......Atheros AR9485WB-EG Wireless Network Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 routetabel
===========================================================================
Actieve routes:
Netwerkadres Netmasker Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Permanente routes:
Geen

IPv6 routetabel
===========================================================================
Actieve routes:
Indien metrische netwerkbestemming Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:5ef5:79fb:2057:2dea:3f57:fe9a/128
On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::2057:2dea:3f57:fe9a/128
On-link
11 281 fe80::b53b:70b2:c928:ab5f/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Permanente routes:
Geen
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/06/2013 02:24:37 PM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 01:47:23 PM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 01:46:48 PM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 01:46:18 PM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 01:34:13 PM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 01:09:21 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: aswMBR.exe, versie: 0.9.9.1707, tijdstempel: 0x509be8bf
Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel: 0x4ec49b8f
Uitzonderingscode: 0xc0000005
Foutoffset: 0x0002e3be
Id van proces met fout: 0x1a4c
Starttijd van toepassing met fout: 0xaswMBR.exe0
Pad naar toepassing met fout: aswMBR.exe1
Pad naar module met fout: aswMBR.exe2
Rapport-id: aswMBR.exe3

Error: (02/06/2013 00:59:02 PM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 00:59:02 PM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 11:13:25 AM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2013 11:13:25 AM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/06/2013 02:23:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:23:52 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:23:51 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:23:51 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:23:50 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:23:45 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:23:43 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:23:40 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 02:18:18 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.

Error: (02/06/2013 01:46:39 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: Er is een fout opgetreden bij een poging het local hosts-bestand te lezen.


Microsoft Office Sessions:
=========================
Error: (02/06/2013 02:24:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Desktop\esetsmartinstaller_enu (1).exe

Error: (02/06/2013 01:47:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Desktop\esetsmartinstaller_enu (1).exe

Error: (02/06/2013 01:46:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Downloads\esetsmartinstaller_enu.exe

Error: (02/06/2013 01:46:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Desktop\esetsmartinstaller_enu (1).exe

Error: (02/06/2013 01:34:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Downloads\esetsmartinstaller_enu.exe

Error: (02/06/2013 01:09:21 PM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.1707509be8bfntdll.dll6.1.7601.177254ec49b8fc00000050002e3be1a4c01ce0461b48f97bdC:\Users\Simone\Desktop\aswMBR.exeC:\Windows\SysWOW64\ntdll.dll09800476-7056-11e2-b63e-87bac0f68f31

Error: (02/06/2013 00:59:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Desktop\esetsmartinstaller_enu (1).exe

Error: (02/06/2013 00:59:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Desktop\esetsmartinstaller_enu (1).exe

Error: (02/06/2013 11:13:25 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Desktop\esetsmartinstaller_enu (1).exe

Error: (02/06/2013 11:13:25 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Simone\Desktop\esetsmartinstaller_enu (1).exe


CodeIntegrity Errors:
===================================
Date: 2013-01-07 16:38:41.509
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume1\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2013-01-07 16:38:41.322
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume1\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


=========================== Installed Programs ============================

??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? (Version: 15.4.5722.2)
???? ??? Windows Live (Version: 15.4.3502.0922)
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? (Version: 15.4.5722.2)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
64 Bit HP CIO Components Installer (Version: 6.2.2)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Help Manager (Version: 4.0.244)
Adobe Illustrator CS6 (Version: 16.0)
Adobe Reader XI (11.0.01) - Nederlands (Version: 11.0.01)
Albelli Fotoboeken
ASUS AI Recovery (Version: 1.0.19)
ASUS FaceLogon (Version: 1.0.0013)
ASUS LifeFrame3 (Version: 3.0.28)
ASUS Live Update (Version: 3.1.0)
ASUS Power4Gear Hybrid (Version: 1.1.50)
ASUS PWR Option (Version: 1.0.9)
ASUS Secure Delete (Version: 1.00.0009)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0037)
ASUS USB Charger Plus (Version: 2.0.6)
ASUS Virtual Touch (Version: 1.0.9)
ASUS WebStorage (Version: 3.0.108.222)
AsusScr_ZENBOOK_31 (Version: 1.0.0003)
ATK Package (Version: 1.0.0014)
aWARemote Server version 2.2.1 (Version: 2.2.1)
AX88772B Windows 7 Drivers (Version: 1.0.1.1)
Bluetooth Win7 Suite (64) (Version: 7.4.0.90)
CCleaner (Version: 3.26)
Citrix ICA Web Client
Citrix XenApp Web Plugin (Version: 11.0.150.5357)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.46.1.0327)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (Version: 1.6.16)
ESET Online Scanner v3
ETDWare PS/2-X64 10.5.5.0 (Version: 10.5.5.0)
Fresco Logic USB3.0 Host Controller (Version: 3.5.24.0)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.135)
HP Photosmart Wireless B109n-z All-in-One Driver 14.0 Rel. 6 (Version: 14.0)
IETester v0.4.12 (remove only) (Version: 0.4.12)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
InstantOn for NB (Version: 2.1.8)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2559)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Juniper Citrix Services Client (Version: 5.5.0.12029)
Juniper Networks Setup Client (Version: 1.0.0.3)
Malwarebytes Anti-Malware versie 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Report Viewer 2012 Runtime (Version: 11.0.2100.60)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server 2012 Native Client (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Setup (English) (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.0.2100.60)
Microsoft SQL Server System CLR Types (Version: 10.51.2500.0)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (Version: 10.0.40219)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
MPC-HC 1.6.4.6052 (Version: 1.6.4.6052)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 140.0.215.000)
Nuance PDF Reader (Version: 6.00.0041)
PDF Settings CS6 (Version: 11.0)
PS_AIO_06_B109n-z_SW_Min (Version: 140.0.690.000)
Qualcomm Atheros WiFi Driver Installation (Version: 9.2)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (Version: 6.0.1.6446)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10010)
Revo Uninstaller Pro 2.5.9 (Version: 2.5.9)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Scan (Version: 140.0.80.000)
Skype™ 5.10 (Version: 5.10.116)
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? (Version: 15.4.5722.2)
Sublime Text 2.0.1
Toolbox (Version: 140.0.428.000)
Trojan Killer (Version: 2.1.5.0)
Update 4.0.2 for Microsoft .NET Framework 4 Client Profile (KB2544514) (Version: 1)
Update 4.0.2 for Microsoft .NET Framework 4 Extended (KB2544514) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Winamp (Version: 5.63 )
Winamp Applicatie Detect (Version: 1.0.0.1)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinFlash (Version: 2.32.3)
Wireless Console 3 (Version: 3.0.25)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 3998.64 MB
Available physical RAM: 2210.97 MB
Total Pagefile: 7995.48 MB
Available Pagefile: 6167.41 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.24 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:111.24 GB) (Free:29.2 GB) NTFS

========================= Users: ========================================

Gebruikersaccounts voor \\SIMONE-PC

Administrator Gast Simone
De opdracht is voltooid.

========================= Restore Points ==================================

04-02-2013 23:13:52 ComboFix created restore point
04-02-2013 23:43:29 Revo Uninstaller Pro's restore point - Google Chrome
05-02-2013 00:02:29 Installed SpyHunter
05-02-2013 20:05:28 Revo Uninstaller Pro's restore point - SpyHunter
05-02-2013 20:06:41 Removed SpyHunter
05-02-2013 21:04:36 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware versie 1.70.0.1100
06-02-2013 08:43:11 Windows Update

**** End of log ****


____________________________________________________________




Farbar Service scanner


Farbar Service Scanner Version: 30-01-2013
Ran by Simone (administrator) on 06-02-2013 at 15:28:32
Running from "C:\Users\Simone\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



_________________________________________________________



AdwCleaner



# AdwCleaner v2.111 - Verslag gemaakt op 06/02/2013 om 15:29:52
# Geactualiseerd op 05/02/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Simone - SIMONE-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Simone\Desktop\AdwCleaner.exe
# Optie [Zoeken]


***** [Diensten] *****


***** [Files / Mappen] *****


***** [Register] *****


***** [Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [3306 octets] - [16/01/2013 22:32:17]
AdwCleaner[R2].txt - [1365 octets] - [16/01/2013 22:42:50]
AdwCleaner[R3].txt - [1124 octets] - [20/01/2013 21:21:25]
AdwCleaner[R4].txt - [1244 octets] - [31/01/2013 22:09:51]
AdwCleaner[R5].txt - [1213 octets] - [05/02/2013 00:55:26]
AdwCleaner[R6].txt - [1054 octets] - [06/02/2013 15:29:52]
AdwCleaner[S1].txt - [3469 octets] - [16/01/2013 22:32:59]
AdwCleaner[S2].txt - [1438 octets] - [16/01/2013 22:43:30]
AdwCleaner[S3].txt - [1190 octets] - [20/01/2013 21:22:00]
AdwCleaner[S4].txt - [1310 octets] - [31/01/2013 22:10:37]
AdwCleaner[S5].txt - [1281 octets] - [05/02/2013 00:55:54]

########## EOF - C:\AdwCleaner[R6].txt - [1414 octets] ##########



____________________________________________________________________________________




JRT





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x64
Ran by Simone on wo 06-02-2013 at 15:33:06,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on wo 06-02-2013 at 15:51:15,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





__________________________________________________________________________________________________________________








Rkill






Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/06/2013 03:51:41 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/06/2013 03:51:59 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)




___________________________________________________________________________________________________










Autoruns





"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AthBtTray" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athbttray.exe"
+ "AtherosBtStack" "Bluetooth-stackserver" "Atheros Communications" "c:\program files (x86)\bluetooth suite\btvstack.exe"
+ "ETDCtrl" "ETD Control Center" "ELAN Microelectronics Corp." "c:\program files\elantech\etdctrl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelTBRunOnce" "" "" "c:\program files\intel\turboboost\runtbgadgetonce.vbs"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RTHDVCPL" "Realtek HD Audio configuratie" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "ASUS Screen Saver Protector" "AsScrPro" "ASUS" "c:\windows\asscrpro.exe"
+ "ASUSWebStorage" "AsusWebStorage" "ecareme" "c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe"
+ "ATKMEDIA" "ATK Media" "ASUS" "c:\program files (x86)\asus\atk package\atk media\dmedia.exe"
+ "ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "FLxHCIm64" "Fresco Logic" "Windows ® Win 7 DDK provider" "c:\program files\fresco logic\fresco logic usb3.0 host controller\amd64_host\flxhcim.exe"
+ "HControlUser" "HControlUser" "ASUS" "c:\program files (x86)\asus\atk package\atk hotkey\hcontroluser.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "c:\program files (x86)\winamp\winampa.exe"
+ "Wireless Console 3" "Wireless Console 3" "ASUS" "c:\program files (x86)\asus\wireless console 3\wcourier.exe"
"C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Atheros" "Bluetooth-toepassingsuitbreiding" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\btvappext.dll"
+ "DataSanitizerShellExtObj" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\common files\asus\secure delete\asus secure delete shellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "FTShellContext" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\shellcontextext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DataSanitizerShellExtObj" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\common files\asus\secure delete\asus secure delete shellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Ath_CopyHook" "AthCopyHook Dynamic Link Library" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athcopyhook.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "RUShellExt" "Revo Uninstaller Pro Extension" "VS Revo Group" "c:\program files\vs revo group\revo uninstaller pro\ruext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "AsusWSShellExt_B" "AsusWSShellExt64" "eCareme Technologies, Inc." "c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll"
+ "AsusWSShellExt_O" "AsusWSShellExt64" "eCareme Technologies, Inc." "c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\progra~1\micros~2\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CIESpeechBHO Class" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Gekoppelde notities van OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "&Verzenden naar OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Gekoppelde notities van OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "&Verzenden naar OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send by Bluetooth to" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
"Task Scheduler" "" "" ""
+ "\ACMON" "ACMON " "ASUS" "c:\program files (x86)\asus\splendid\acmon.exe"
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\AdobeAAMUpdater-1.0-Simone-PC-Simone" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\ASUS Live Update" "ASUS Live Update" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\asus live update\liveupdate.exe"
+ "\ASUS P4G" "Power4Gear Hybrid" "ASUS" "c:\program files\asus\p4g\batterylife.exe"
+ "\ASUS Quick Gesture" "ASUS Quick Gesture Exe" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\asus virtual touch\quickgesture\x86\quickgesture.exe"
+ "\ASUS Quick Gesture (x64)" "ASUS Quick Gesture Exe" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\asus virtual touch\quickgesture\x64\quickgesture64.exe"
+ "\ASUS SmartLogon Console Sensor" "FaceLogon Application" "ASUS" "c:\program files (x86)\asus\facelogon\sensorsrv.exe"
+ "\ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Fxytttr" "" "" "c:\windows\syswow64\c_200048.dll"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "" "" "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Toepassing voor configuratie van Windows Media Connect" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Secure Delete" "ASUS SecureDelete Server" "" "c:\program files\asus\asus secure delete\addel.exe"
+ "\SidebarExecute" "Windows-bureaubladgadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\USBChargerPlus" "USB Charger+" "ASUSTek Computer Inc." "c:\program files (x86)\asus\usbchargerplus\usbchargerplus.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater houdt uw Adobe-software bij de tijd." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "Deze service zorgt ervoor dat uw installatie van Adobe Flash Player up-to-date blijft met de nieuwste correcties en beveiligingsverbeteringen." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "ASLDRService" "ASLDR Service" "ASUS" "c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe"
+ "ASUS InstantOn" "ASUS InstantOn Program" "ASUS" "c:\program files (x86)\asus\instanton for nb\insonsrv.exe"
+ "Atheros Bt&Wlan Coex Agent" "Co-existence Coordinator Service between 11a/b/g/n Wireless LAN and Bluetooth." "Atheros" "c:\program files (x86)\bluetooth suite\ath_coexagent.exe"
+ "AtherosSvc" "Atheros BT Stack Service Agent" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\adminservice.exe"
+ "ATKGFNEXSrv" "GFNEXSrv" "ASUS" "c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe"
+ "gupdate" "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HPSLPSVC" "Onthult en bewaakt de staat en configuratie van de HP-apparaten die aan uw netwerk zijn gekoppeld. Als de service wordt gestopt en uw apparaten een ander IP-adres krijgen, zijn deze wellicht niet meer beschikbaar." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MsMpSvc" "Beschermt gebruikers tegen malware en andere mogelijk ongewenste software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Biedt bescherming tegen inbraakpogingen die gericht zijn op bekende en onlangs gevonden zwakke plekken in netwerkprotocollen" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Hiermee worden de installatiebestanden opgeslagen die worden gebruikt voor het bijwerken en herstellen. Dit is vereist voor het downloaden van updates van Setup en van Watson-foutrapporten." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "TurboBoost" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Hiermee worden media-bestanden met behulp van UPnP (Universal Plug and Play) op media-apparaten beschikbaar gemaakt" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AiCharger" "ASUS Charger driver" "ASUSTek Computer Inc." "c:\windows\system32\drivers\aicharger.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ASMMAP64" "Memory mapping Driver" "ASUS" "c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys"
+ "assd" "ASUS Image Toolkit Disk Monitor Driver" "ASUS Corporation" "c:\windows\system32\drivers\assd.sys"
+ "AsusVBus" "ASUS Virtual Bus" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\asusvbus.sys"
+ "AsusVTouch" "ASUS HID mini driver for Virtual Touch Device" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\asusvtouch.sys"
+ "AthBTPort" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_flt.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "ATKWMIACPIIO" "ATK WMIACPI Utility" "ASUS" "c:\program files (x86)\asus\atk package\atk wmiacpi\atkwmiacpi64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serieel I/F-stuurprogramma (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTATH_A2DP" "Atheros A2DP driver" "Atheros" "c:\windows\system32\drivers\btath_a2dp.sys"
+ "btath_avdt" "Atheros Bluetooth AVDT driver" "Atheros" "c:\windows\system32\drivers\btath_avdt.sys"
+ "BTATH_BUS" "Atheros BUS driver" "Atheros" "c:\windows\system32\drivers\btath_bus.sys"
+ "BTATH_HCRP" "Atheros HCRP driver" "Atheros" "c:\windows\system32\drivers\btath_hcrp.sys"
+ "BTATH_LWFLT" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_lwflt.sys"
+ "BTATH_RCP" "Atheros AVRCP driver" "Atheros" "c:\windows\system32\drivers\btath_rcp.sys"
+ "BtFilter" "BtFilter Driver" "Atheros" "c:\windows\system32\drivers\btfilter.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "ETD" "ETD Kernel Center" "ELAN Microelectronics Corp." "c:\windows\system32\drivers\etd.sys"
+ "FLxHCIc" "Fresco Logic xHCI (USB3) Bus Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcic.sys"
+ "FLxHCIh" "Fresco Logic xHCI (USB3) Hub Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcih.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "kbfiltr" "Keyboard Filter Driver" " " "c:\windows\system32\drivers\kbfiltr.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "Revoflt" "Revo Uninstaller Filter driver" "VS Revo Group" "c:\windows\system32\drivers\revoflt.sys"
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSGbeLH" "NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisg664.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "TrojanKillerDriver" "GridinSoft Trojan Killer Mini-Filter Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\gtkdrv.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "Intel® Corporation" "c:\windows\system32\drivers\turbob.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak®-codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS Color Convert" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "ASUS Color Preview Filter" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Gargle" "Gargle Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\asus\asus lifeframe3\lifeframeaudio.ax"
+ "LifeFrame Image Effects" "Camera Filter" "ASUS" "c:\program files (x86)\asus\asus lifeframe3\camera_effect.ax"
+ "Logon Effects" "SmartLogon Filter" "ASUS" "c:\program files (x86)\asus\facelogon\face_filter.ax"
+ "MotionDetect" "" "" "c:\program files (x86)\asus\asus lifeframe3\motiondetect.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "AthCredentialProvider" "Bluetooth Credential Provider" "Atheros Commnucations" "c:\windows\system32\athcredentialprovider.dll"
+ "FaceCredentialProvider64" "FaceLogon Dynamic Link Library" "ASUS" "c:\program files (x86)\asus\facelogon\system\facecredentialprovider64.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpf3l70w.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l70w.dll"










________________________________________________________________________________________________________________



A lot of logs.. hope you can find it out somewhere. Thanks for your help.

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:00 AM

Posted 06 February 2013 - 10:32 AM

Click on startmenu and type

cmd

Right click on it and select run as administrator and run these commands

cd C:\Windows\SysWOW64
takeown /a /f c_200048.dll
cacls c_200048.dll /g everyone:f


Type Y and press <ENTER>

attrib -s -h -r c_200048.dll
del c_200048.dll


Restart the PC,run autoruns again and post the new log

#7 HoloX

HoloX
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 06 February 2013 - 10:56 AM

At

cacls c_200048.dll /g everyone:f

it says (translated):

No mapping between account names and security ID's..

Found several things on the net about it, but what to do?

Thanks for your quick responses.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:00 AM

Posted 06 February 2013 - 11:01 AM

Browse to

C:\windows\sysWOW64

On top ,click on organize-folder and search options

Click on view tab and scroll down

Checkmark show hidden files
Uncheck Hide operating system files

CLick ok

You should find c_200048.dll

Take ownership of the file using this guide

http://www.techrepublic.com/blog/window-on-windows/quick-tip-take-ownership-of-files-and-folders-in-windows/3688

Right click on the FILE-PROPERTIES

Click on SECURITY tab

Click on EDIT tab and click on ADD and type

Everyone and click ok

Now uncheck both READ ONLY and HIDDEN attributes

click ok

Delete the file now. Restart the PC,run autoruns again and post the new log

Edited by narenxp, 06 February 2013 - 11:02 AM.


#9 HoloX

HoloX
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 06 February 2013 - 11:29 AM

Did that.

Logfile autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AthBtTray" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athbttray.exe"
+ "AtherosBtStack" "Bluetooth-stackserver" "Atheros Communications" "c:\program files (x86)\bluetooth suite\btvstack.exe"
+ "ETDCtrl" "ETD Control Center" "ELAN Microelectronics Corp." "c:\program files\elantech\etdctrl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelTBRunOnce" "" "" "c:\program files\intel\turboboost\runtbgadgetonce.vbs"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RTHDVCPL" "Realtek HD Audio configuratie" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "ASUS Screen Saver Protector" "AsScrPro" "ASUS" "c:\windows\asscrpro.exe"
+ "ASUSWebStorage" "AsusWebStorage" "ecareme" "c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe"
+ "ATKMEDIA" "ATK Media" "ASUS" "c:\program files (x86)\asus\atk package\atk media\dmedia.exe"
+ "ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "FLxHCIm64" "Fresco Logic" "Windows ® Win 7 DDK provider" "c:\program files\fresco logic\fresco logic usb3.0 host controller\amd64_host\flxhcim.exe"
+ "HControlUser" "HControlUser" "ASUS" "c:\program files (x86)\asus\atk package\atk hotkey\hcontroluser.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "c:\program files (x86)\winamp\winampa.exe"
+ "Wireless Console 3" "Wireless Console 3" "ASUS" "c:\program files (x86)\asus\wireless console 3\wcourier.exe"
"C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Atheros" "Bluetooth-toepassingsuitbreiding" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\btvappext.dll"
+ "DataSanitizerShellExtObj" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\common files\asus\secure delete\asus secure delete shellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "FTShellContext" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\shellcontextext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DataSanitizerShellExtObj" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\common files\asus\secure delete\asus secure delete shellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Ath_CopyHook" "AthCopyHook Dynamic Link Library" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athcopyhook.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "RUShellExt" "Revo Uninstaller Pro Extension" "VS Revo Group" "c:\program files\vs revo group\revo uninstaller pro\ruext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "AsusWSShellExt_B" "AsusWSShellExt64" "eCareme Technologies, Inc." "c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll"
+ "AsusWSShellExt_O" "AsusWSShellExt64" "eCareme Technologies, Inc." "c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\simone\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CIESpeechBHO Class" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Gekoppelde notities van OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "&Verzenden naar OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Gekoppelde notities van OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "&Verzenden naar OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send by Bluetooth to" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-Simone-PC-Simone" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "" "" "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Toepassing voor configuratie van Windows Media Connect" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows-bureaubladgadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater houdt uw Adobe-software bij de tijd." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "Deze service zorgt ervoor dat uw installatie van Adobe Flash Player up-to-date blijft met de nieuwste correcties en beveiligingsverbeteringen." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "ASLDRService" "ASLDR Service" "ASUS" "c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe"
+ "ASUS InstantOn" "ASUS InstantOn Program" "ASUS" "c:\program files (x86)\asus\instanton for nb\insonsrv.exe"
+ "Atheros Bt&Wlan Coex Agent" "Co-existence Coordinator Service between 11a/b/g/n Wireless LAN and Bluetooth." "Atheros" "c:\program files (x86)\bluetooth suite\ath_coexagent.exe"
+ "AtherosSvc" "Atheros BT Stack Service Agent" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\adminservice.exe"
+ "ATKGFNEXSrv" "GFNEXSrv" "ASUS" "c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe"
+ "gupdate" "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HPSLPSVC" "Onthult en bewaakt de staat en configuratie van de HP-apparaten die aan uw netwerk zijn gekoppeld. Als de service wordt gestopt en uw apparaten een ander IP-adres krijgen, zijn deze wellicht niet meer beschikbaar." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MsMpSvc" "Beschermt gebruikers tegen malware en andere mogelijk ongewenste software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Biedt bescherming tegen inbraakpogingen die gericht zijn op bekende en onlangs gevonden zwakke plekken in netwerkprotocollen" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Hiermee worden de installatiebestanden opgeslagen die worden gebruikt voor het bijwerken en herstellen. Dit is vereist voor het downloaden van updates van Setup en van Watson-foutrapporten." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "TurboBoost" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Hiermee worden media-bestanden met behulp van UPnP (Universal Plug and Play) op media-apparaten beschikbaar gemaakt" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AiCharger" "ASUS Charger driver" "ASUSTek Computer Inc." "c:\windows\system32\drivers\aicharger.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ASMMAP64" "Memory mapping Driver" "ASUS" "c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys"
+ "assd" "ASUS Image Toolkit Disk Monitor Driver" "ASUS Corporation" "c:\windows\system32\drivers\assd.sys"
+ "AsusVBus" "ASUS Virtual Bus" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\asusvbus.sys"
+ "AsusVTouch" "ASUS HID mini driver for Virtual Touch Device" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\asusvtouch.sys"
+ "AthBTPort" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_flt.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "ATKWMIACPIIO" "ATK WMIACPI Utility" "ASUS" "c:\program files (x86)\asus\atk package\atk wmiacpi\atkwmiacpi64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serieel I/F-stuurprogramma (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTATH_A2DP" "Atheros A2DP driver" "Atheros" "c:\windows\system32\drivers\btath_a2dp.sys"
+ "btath_avdt" "Atheros Bluetooth AVDT driver" "Atheros" "c:\windows\system32\drivers\btath_avdt.sys"
+ "BTATH_BUS" "Atheros BUS driver" "Atheros" "c:\windows\system32\drivers\btath_bus.sys"
+ "BTATH_HCRP" "Atheros HCRP driver" "Atheros" "c:\windows\system32\drivers\btath_hcrp.sys"
+ "BTATH_LWFLT" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_lwflt.sys"
+ "BTATH_RCP" "Atheros AVRCP driver" "Atheros" "c:\windows\system32\drivers\btath_rcp.sys"
+ "BtFilter" "BtFilter Driver" "Atheros" "c:\windows\system32\drivers\btfilter.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "ETD" "ETD Kernel Center" "ELAN Microelectronics Corp." "c:\windows\system32\drivers\etd.sys"
+ "FLxHCIc" "Fresco Logic xHCI (USB3) Bus Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcic.sys"
+ "FLxHCIh" "Fresco Logic xHCI (USB3) Hub Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcih.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "kbfiltr" "Keyboard Filter Driver" " " "c:\windows\system32\drivers\kbfiltr.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "Revoflt" "Revo Uninstaller Filter driver" "VS Revo Group" "c:\windows\system32\drivers\revoflt.sys"
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSGbeLH" "NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisg664.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "TrojanKillerDriver" "GridinSoft Trojan Killer Mini-Filter Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\gtkdrv.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "Intel® Corporation" "c:\windows\system32\drivers\turbob.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak®-codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS Color Convert" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "ASUS Color Preview Filter" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Gargle" "Gargle Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\asus\asus lifeframe3\lifeframeaudio.ax"
+ "LifeFrame Image Effects" "Camera Filter" "ASUS" "c:\program files (x86)\asus\asus lifeframe3\camera_effect.ax"
+ "Logon Effects" "SmartLogon Filter" "ASUS" "c:\program files (x86)\asus\facelogon\face_filter.ax"
+ "MotionDetect" "" "" "c:\program files (x86)\asus\asus lifeframe3\motiondetect.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "AthCredentialProvider" "Bluetooth Credential Provider" "Atheros Commnucations" "c:\windows\system32\athcredentialprovider.dll"
+ "FaceCredentialProvider64" "FaceLogon Dynamic Link Library" "ASUS" "c:\program files (x86)\asus\facelogon\system\facecredentialprovider64.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpf3l70w.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l70w.dll"

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:00 AM

Posted 06 February 2013 - 11:37 AM

Restart the PC.Redirects should stop.

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 HoloX

HoloX
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:00 AM

Posted 06 February 2013 - 11:43 AM

Thanks man! Seems to work all fine now. Also Microsoft Security essentials is running good again.

Thanks!

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:00 AM

Posted 06 February 2013 - 11:45 AM

You're welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users