Pop up Ad


5 replies to this topic

#1 Robinn1987


Posted 06 February 2013 - 07:41 PM

I have a pop up ad virus on my computer that I can't identify nor get rid of. I am using Windows 7 and in any browser, ads start popping up in the lower right hand corner of my browser. Sometimes it looks like a cell phone, sometimes it looks like an ad and sometimes it shows a video screen and says "you are missing a plugin to play videos" and wants me to click on an Update button. I cannot get rid of this - I have tried Malwarebytes, Spybot Search and Destroy, Ad-Aware but nothing has worked. Please help me! I have attached screenshots of all three types of ads. Thanks in advance.

I've got the same problem as this ->
http://www.bleepingcomputer.com/forums/topic454045.html

Here are my log files.

Log file TDSS Killer

01:29:45.0623 3928 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:29:45.0623 3928 NetBT - ok
01:29:45.0639 3928 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
01:29:45.0639 3928 Netlogon - ok
01:29:45.0639 3928 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
01:29:45.0639 3928 Netman - ok
01:29:45.0654 3928 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
01:29:45.0654 3928 netprofm - ok
01:29:45.0654 3928 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:29:45.0654 3928 NetTcpPortSharing - ok
01:29:45.0654 3928 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
01:29:45.0654 3928 nfrd960 - ok
01:29:45.0670 3928 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:29:45.0670 3928 NisDrv - ok
01:29:45.0670 3928 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
01:29:45.0670 3928 NisSrv - ok
01:29:45.0670 3928 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:29:45.0686 3928 NlaSvc - ok
01:29:45.0686 3928 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:29:45.0686 3928 Npfs - ok
01:29:45.0686 3928 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
01:29:45.0686 3928 nsi - ok
01:29:45.0686 3928 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:29:45.0686 3928 nsiproxy - ok
01:29:45.0701 3928 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:29:45.0717 3928 Ntfs - ok
01:29:45.0717 3928 [ 3F39F013168428C8E505A7B9E6CBA8A2 ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys
01:29:45.0732 3928 NTIOLib_1_0_3 - ok
01:29:45.0732 3928 NTIOLib_1_0_C - ok
01:29:45.0732 3928 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
01:29:45.0732 3928 Null - ok
01:29:45.0732 3928 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
01:29:45.0732 3928 NVHDA - ok
01:29:45.0857 3928 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:29:45.0904 3928 nvlddmkm - ok
01:29:45.0920 3928 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:29:45.0920 3928 nvraid - ok
01:29:45.0920 3928 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:29:45.0920 3928 nvstor - ok
01:29:45.0935 3928 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
01:29:45.0935 3928 nvsvc - ok
01:29:45.0951 3928 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:29:45.0966 3928 nvUpdatusService - ok
01:29:45.0966 3928 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:29:45.0966 3928 nv_agp - ok
01:29:45.0966 3928 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:29:45.0966 3928 ohci1394 - ok
01:29:45.0982 3928 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:29:45.0982 3928 ose64 - ok
01:29:46.0013 3928 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:29:46.0060 3928 osppsvc - ok
01:29:46.0060 3928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:29:46.0060 3928 p2pimsvc - ok
01:29:46.0076 3928 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
01:29:46.0076 3928 p2psvc - ok
01:29:46.0076 3928 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
01:29:46.0076 3928 Parport - ok
01:29:46.0091 3928 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:29:46.0091 3928 partmgr - ok
01:29:46.0091 3928 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:29:46.0091 3928 PcaSvc - ok
01:29:46.0091 3928 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
01:29:46.0091 3928 pci - ok
01:29:46.0091 3928 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
01:29:46.0107 3928 pciide - ok
01:29:46.0107 3928 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
01:29:46.0107 3928 pcmcia - ok
01:29:46.0107 3928 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
01:29:46.0107 3928 pcw - ok
01:29:46.0122 3928 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:29:46.0122 3928 PEAUTH - ok
01:29:46.0138 3928 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
01:29:46.0154 3928 PeerDistSvc - ok
01:29:46.0154 3928 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:29:46.0154 3928 PerfHost - ok
01:29:46.0169 3928 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
01:29:46.0185 3928 pla - ok
01:29:46.0200 3928 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:29:46.0200 3928 PlugPlay - ok
01:29:46.0200 3928 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:29:46.0200 3928 PNRPAutoReg - ok
01:29:46.0200 3928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:29:46.0216 3928 PNRPsvc - ok
01:29:46.0216 3928 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:29:46.0216 3928 PolicyAgent - ok
01:29:46.0232 3928 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
01:29:46.0232 3928 Power - ok
01:29:46.0232 3928 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:29:46.0232 3928 PptpMiniport - ok
01:29:46.0232 3928 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
01:29:46.0232 3928 Processor - ok
01:29:46.0232 3928 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
01:29:46.0247 3928 ProfSvc - ok
01:29:46.0247 3928 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:29:46.0247 3928 ProtectedStorage - ok
01:29:46.0247 3928 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:29:46.0247 3928 Psched - ok
01:29:46.0247 3928 [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
01:29:46.0247 3928 PxHlpa64 - ok
01:29:46.0263 3928 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
01:29:46.0278 3928 ql2300 - ok
01:29:46.0278 3928 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
01:29:46.0278 3928 ql40xx - ok
01:29:46.0294 3928 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
01:29:46.0294 3928 QWAVE - ok
01:29:46.0294 3928 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:29:46.0294 3928 QWAVEdrv - ok
01:29:46.0294 3928 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:29:46.0294 3928 RasAcd - ok
01:29:46.0294 3928 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:29:46.0294 3928 RasAgileVpn - ok
01:29:46.0310 3928 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
01:29:46.0310 3928 RasAuto - ok
01:29:46.0310 3928 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:29:46.0310 3928 Rasl2tp - ok
01:29:46.0310 3928 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
01:29:46.0325 3928 RasMan - ok
01:29:46.0325 3928 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:29:46.0325 3928 RasPppoe - ok
01:29:46.0325 3928 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:29:46.0325 3928 RasSstp - ok
01:29:46.0325 3928 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:29:46.0341 3928 rdbss - ok
01:29:46.0341 3928 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:29:46.0341 3928 rdpbus - ok
01:29:46.0341 3928 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:29:46.0341 3928 RDPCDD - ok
01:29:46.0341 3928 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
01:29:46.0341 3928 RDPDR - ok
01:29:46.0341 3928 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:29:46.0341 3928 RDPENCDD - ok
01:29:46.0356 3928 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:29:46.0356 3928 RDPREFMP - ok
01:29:46.0356 3928 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
01:29:46.0356 3928 RdpVideoMiniport - ok
01:29:46.0356 3928 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:29:46.0356 3928 RDPWD - ok
01:29:46.0372 3928 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:29:46.0372 3928 rdyboost - ok
01:29:46.0372 3928 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:29:46.0372 3928 RemoteAccess - ok
01:29:46.0372 3928 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:29:46.0372 3928 RemoteRegistry - ok
01:29:46.0388 3928 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:29:46.0388 3928 RpcEptMapper - ok
01:29:46.0388 3928 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
01:29:46.0388 3928 RpcLocator - ok
01:29:46.0388 3928 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
01:29:46.0388 3928 RpcSs - ok
01:29:46.0403 3928 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:29:46.0403 3928 rspndr - ok
01:29:46.0403 3928 [ 6CF9DB101A75360E98659F823852E540 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
01:29:46.0403 3928 RTL8167 - ok
01:29:46.0419 3928 [ 9269EF78A780A3161087DF1BEC117DC8 ] RTL85n64 C:\Windows\system32\DRIVERS\RTL85n64.sys
01:29:46.0419 3928 RTL85n64 - ok
01:29:46.0419 3928 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
01:29:46.0419 3928 s3cap - ok
01:29:46.0419 3928 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
01:29:46.0419 3928 SamSs - ok
01:29:46.0419 3928 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:29:46.0434 3928 sbp2port - ok
01:29:46.0434 3928 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:29:46.0434 3928 SCardSvr - ok
01:29:46.0434 3928 [ 3A09F31454DFEFBB124BAF378F90B636 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
01:29:46.0450 3928 SCDEmu - ok
01:29:46.0450 3928 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:29:46.0450 3928 scfilter - ok
01:29:46.0466 3928 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
01:29:46.0481 3928 Schedule - ok
01:29:46.0481 3928 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
01:29:46.0481 3928 SCPolicySvc - ok
01:29:46.0481 3928 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:29:46.0481 3928 SDRSVC - ok
01:29:46.0497 3928 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:29:46.0497 3928 secdrv - ok
01:29:46.0497 3928 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
01:29:46.0497 3928 seclogon - ok
01:29:46.0497 3928 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
01:29:46.0497 3928 SENS - ok
01:29:46.0497 3928 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:29:46.0497 3928 SensrSvc - ok
01:29:46.0497 3928 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:29:46.0497 3928 Serenum - ok
01:29:46.0512 3928 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:29:46.0512 3928 Serial - ok
01:29:46.0512 3928 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
01:29:46.0512 3928 sermouse - ok
01:29:46.0512 3928 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
01:29:46.0512 3928 SessionEnv - ok
01:29:46.0528 3928 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:29:46.0528 3928 sffdisk - ok
01:29:46.0528 3928 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:29:46.0528 3928 sffp_mmc - ok
01:29:46.0528 3928 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:29:46.0528 3928 sffp_sd - ok
01:29:46.0528 3928 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
01:29:46.0528 3928 sfloppy - ok
01:29:46.0528 3928 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:29:46.0544 3928 SharedAccess - ok
01:29:46.0544 3928 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:29:46.0544 3928 ShellHWDetection - ok
01:29:46.0544 3928 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:29:46.0544 3928 SiSRaid2 - ok
01:29:46.0559 3928 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
01:29:46.0559 3928 SiSRaid4 - ok
01:29:46.0559 3928 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:29:46.0559 3928 Smb - ok
01:29:46.0559 3928 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:29:46.0559 3928 SNMPTRAP - ok
01:29:46.0559 3928 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:29:46.0559 3928 spldr - ok
01:29:46.0575 3928 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
01:29:46.0575 3928 Spooler - ok
01:29:46.0606 3928 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
01:29:46.0637 3928 sppsvc - ok
01:29:46.0637 3928 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:29:46.0637 3928 sppuinotify - ok
01:29:46.0637 3928 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
01:29:46.0653 3928 srv - ok
01:29:46.0653 3928 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:29:46.0653 3928 srv2 - ok
01:29:46.0653 3928 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:29:46.0653 3928 srvnet - ok
01:29:46.0668 3928 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:29:46.0668 3928 SSDPSRV - ok
01:29:46.0668 3928 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:29:46.0668 3928 SstpSvc - ok
01:29:46.0684 3928 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:29:46.0684 3928 Stereo Service - ok
01:29:46.0684 3928 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
01:29:46.0684 3928 stexstor - ok
01:29:46.0684 3928 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
01:29:46.0700 3928 stisvc - ok
01:29:46.0700 3928 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
01:29:46.0700 3928 storflt - ok
01:29:46.0700 3928 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
01:29:46.0700 3928 storvsc - ok
01:29:46.0700 3928 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
01:29:46.0700 3928 swenum - ok
01:29:46.0715 3928 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
01:29:46.0746 3928 SwitchBoard - ok
01:29:46.0746 3928 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
01:29:46.0762 3928 swprv - ok
01:29:46.0762 3928 Synth3dVsc - ok
01:29:46.0778 3928 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
01:29:46.0793 3928 SysMain - ok
01:29:46.0793 3928 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:29:46.0793 3928 TabletInputService - ok
01:29:46.0809 3928 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
01:29:46.0809 3928 TapiSrv - ok
01:29:46.0809 3928 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
01:29:46.0809 3928 TBS - ok
01:29:46.0824 3928 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:29:46.0840 3928 Tcpip - ok
01:29:46.0856 3928 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:29:46.0871 3928 TCPIP6 - ok
01:29:46.0871 3928 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:29:46.0871 3928 tcpipreg - ok
01:29:46.0871 3928 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:29:46.0871 3928 TDPIPE - ok
01:29:46.0871 3928 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:29:46.0871 3928 TDTCP - ok
01:29:46.0887 3928 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:29:46.0887 3928 tdx - ok
01:29:46.0887 3928 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
01:29:46.0887 3928 TermDD - ok
01:29:46.0902 3928 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
01:29:46.0902 3928 TermService - ok
01:29:46.0902 3928 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
01:29:46.0902 3928 Themes - ok
01:29:46.0902 3928 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
01:29:46.0902 3928 THREADORDER - ok
01:29:46.0918 3928 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
01:29:46.0918 3928 TrkWks - ok
01:29:46.0918 3928 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:29:46.0918 3928 TrustedInstaller - ok
01:29:46.0918 3928 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:29:46.0918 3928 tssecsrv - ok
01:29:46.0918 3928 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:29:46.0918 3928 TsUsbFlt - ok
01:29:46.0934 3928 tsusbhub - ok
01:29:46.0934 3928 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:29:46.0934 3928 tunnel - ok
01:29:46.0934 3928 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
01:29:46.0934 3928 uagp35 - ok
01:29:46.0934 3928 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:29:46.0949 3928 udfs - ok
01:29:46.0949 3928 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:29:46.0949 3928 UI0Detect - ok
01:29:46.0949 3928 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:29:46.0949 3928 uliagpkx - ok
01:29:46.0949 3928 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:29:46.0949 3928 umbus - ok
01:29:46.0949 3928 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
01:29:46.0949 3928 UmPass - ok
01:29:46.0965 3928 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
01:29:46.0965 3928 UmRdpService - ok
01:29:46.0965 3928 [ CABEC311CEA77EAEA3DC04A1ADFC0459 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
01:29:46.0965 3928 UNS - ok
01:29:46.0980 3928 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
01:29:46.0980 3928 upnphost - ok
01:29:46.0980 3928 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:29:46.0980 3928 usbccgp - ok
01:29:46.0980 3928 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:29:46.0996 3928 usbcir - ok
01:29:46.0996 3928 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
01:29:46.0996 3928 usbehci - ok
01:29:46.0996 3928 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:29:46.0996 3928 usbhub - ok
01:29:46.0996 3928 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:29:46.0996 3928 usbohci - ok
01:29:47.0012 3928 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:29:47.0012 3928 usbprint - ok
01:29:47.0012 3928 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:29:47.0012 3928 USBSTOR - ok
01:29:47.0012 3928 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
01:29:47.0012 3928 usbuhci - ok
01:29:47.0012 3928 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
01:29:47.0012 3928 UxSms - ok
01:29:47.0012 3928 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
01:29:47.0012 3928 VaultSvc - ok
01:29:47.0027 3928 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:29:47.0027 3928 vdrvroot - ok
01:29:47.0027 3928 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
01:29:47.0027 3928 vds - ok
01:29:47.0043 3928 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:29:47.0043 3928 vga - ok
01:29:47.0043 3928 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
01:29:47.0043 3928 VgaSave - ok
01:29:47.0043 3928 VGPU - ok
01:29:47.0043 3928 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:29:47.0043 3928 vhdmp - ok
01:29:47.0043 3928 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
01:29:47.0043 3928 viaide - ok
01:29:47.0058 3928 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
01:29:47.0058 3928 vmbus - ok
01:29:47.0058 3928 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
01:29:47.0058 3928 VMBusHID - ok
01:29:47.0058 3928 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:29:47.0058 3928 volmgr - ok
01:29:47.0058 3928 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:29:47.0074 3928 volmgrx - ok
01:29:47.0074 3928 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:29:47.0074 3928 volsnap - ok
01:29:47.0074 3928 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
01:29:47.0074 3928 vsmraid - ok
01:29:47.0090 3928 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
01:29:47.0105 3928 VSS - ok
01:29:47.0105 3928 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
01:29:47.0105 3928 vwifibus - ok
01:29:47.0121 3928 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
01:29:47.0121 3928 vwififlt - ok
01:29:47.0121 3928 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
01:29:47.0121 3928 W32Time - ok
01:29:47.0121 3928 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
01:29:47.0121 3928 WacomPen - ok
01:29:47.0136 3928 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:29:47.0136 3928 WANARP - ok
01:29:47.0136 3928 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:29:47.0136 3928 Wanarpv6 - ok
01:29:47.0152 3928 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:29:47.0152 3928 WatAdminSvc - ok
01:29:47.0168 3928 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
01:29:47.0183 3928 wbengine - ok
01:29:47.0183 3928 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:29:47.0183 3928 WbioSrvc - ok
01:29:47.0199 3928 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:29:47.0199 3928 wcncsvc - ok
01:29:47.0199 3928 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:29:47.0199 3928 WcsPlugInService - ok
01:29:47.0199 3928 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
01:29:47.0199 3928 Wd - ok
01:29:47.0214 3928 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:29:47.0214 3928 Wdf01000 - ok
01:29:47.0230 3928 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:29:47.0230 3928 WdiServiceHost - ok
01:29:47.0230 3928 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:29:47.0230 3928 WdiSystemHost - ok
01:29:47.0230 3928 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
01:29:47.0230 3928 WebClient - ok
01:29:47.0246 3928 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:29:47.0246 3928 Wecsvc - ok
01:29:47.0246 3928 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:29:47.0246 3928 wercplsupport - ok
01:29:47.0246 3928 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
01:29:47.0246 3928 WerSvc - ok
01:29:47.0261 3928 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:29:47.0261 3928 WfpLwf - ok
01:29:47.0261 3928 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:29:47.0261 3928 WIMMount - ok
01:29:47.0261 3928 WinDefend - ok
01:29:47.0261 3928 WinHttpAutoProxySvc - ok
01:29:47.0261 3928 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:29:47.0277 3928 Winmgmt - ok
01:29:47.0292 3928 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
01:29:47.0308 3928 WinRM - ok
01:29:47.0324 3928 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
01:29:47.0324 3928 Wlansvc - ok
01:29:47.0324 3928 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:29:47.0324 3928 WmiAcpi - ok
01:29:47.0339 3928 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:29:47.0339 3928 wmiApSrv - ok
01:29:47.0339 3928 WMPNetworkSvc - ok
01:29:47.0339 3928 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:29:47.0339 3928 WPCSvc - ok
01:29:47.0339 3928 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:29:47.0339 3928 WPDBusEnum - ok
01:29:47.0355 3928 [ 7CA09731EB7FC99B910C7F239E57720F ] WPRO_41_2001 C:\Windows\system32\drivers\WPRO_41_2001.sys
01:29:47.0355 3928 WPRO_41_2001 - ok
01:29:47.0355 3928 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:29:47.0355 3928 ws2ifsl - ok
01:29:47.0355 3928 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
01:29:47.0355 3928 wscsvc - ok
01:29:47.0370 3928 WSearch - ok
01:29:47.0386 3928 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
01:29:47.0402 3928 wuauserv - ok
01:29:47.0402 3928 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:29:47.0417 3928 WudfPf - ok
01:29:47.0417 3928 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:29:47.0417 3928 WUDFRd - ok
01:29:47.0417 3928 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:29:47.0417 3928 wudfsvc - ok
01:29:47.0417 3928 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
01:29:47.0433 3928 WwanSvc - ok
01:29:47.0433 3928 ================ Scan global ===============================
01:29:47.0433 3928 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:29:47.0433 3928 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
01:29:47.0448 3928 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
01:29:47.0448 3928 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:29:47.0448 3928 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:29:47.0448 3928 [Global] - ok
01:29:47.0448 3928 ================ Scan MBR ==================================
01:29:47.0464 3928 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:29:47.0495 3928 \Device\Harddisk0\DR0 - ok
01:29:47.0526 3928 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
01:29:47.0604 3928 \Device\Harddisk1\DR1 - ok
01:29:47.0604 3928 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2

Log file ASWMBR

01:32:00.952 OS Version: Windows x64 6.1.7601 Service Pack 1
01:32:00.952 Number of processors: 8 586 0x3A09
01:32:00.952 ComputerName: RNIEUWHOF1 UserName: rnieuwhof
01:32:01.092 Initialize success
01:34:10.977 AVAST engine defs: 13020601
01:34:43.864 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
01:34:43.874 Disk 0 Vendor: SAMSUNG_SSD_830_Series CXM03B1Q Size: 122104MB BusType: 11
01:34:43.874 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
01:34:43.874 Disk 1 Vendor: ST2000DM001-9YN164 CC4B Size: 1907729MB BusType: 11
01:34:43.874 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
01:34:43.884 Disk 2 Vendor: Hitachi_HDP725025GLA380 GM2OA5CA Size: 238475MB BusType: 11
01:34:43.884 Disk 0 MBR read successfully
01:34:43.884 Disk 0 MBR scan
01:34:43.894 Disk 0 Windows 7 default MBR code
01:34:43.894 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
01:34:43.914 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122001 MB offset 206848
01:34:43.954 Disk 0 scanning C:\Windows\system32\drivers
01:34:47.974 Service scanning
01:34:54.034 Service MSICDSetup D:\CDriver64.sys **LOCKED** 21
01:34:54.644 Service NTIOLib_1_0_C D:\NTIOLib_X64.sys **LOCKED** 21
01:35:00.564 Modules scanning
01:35:00.564 Disk 0 trace - called modules:
01:35:00.574 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
01:35:00.574 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d7e2790]
01:35:00.584 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800d5b2060]
01:35:00.714 AVAST engine scan C:\Windows
01:35:01.304 AVAST engine scan C:\Windows\system32
01:36:31.483 AVAST engine scan C:\Windows\system32\drivers
01:36:36.123 AVAST engine scan C:\Users\rnieuwhof
01:37:41.533 Disk 0 MBR has been saved successfully to "C:\Users\rnieuwhof\Desktop\MBR.dat"
01:37:41.563 The log file has been saved successfully to "C:\Users\rnieuwhof\Desktop\aswMBR.txt"

MiniToolBox by Farbar Version:10-01-2013
Ran by rnieuwhof (administrator) on 07-02-2013 at 01:39:47
Running from "C:\Users\rnieuwhof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8B7ARLM"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP-configuratie

De DNS-omzettingscache is leeggemaakt.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost


192.157.56.28 www.google-analytics.com.
192.157.56.28 ad-emea.doubleclick.net.
192.157.56.28 www.statcounter.com.
192.157.56.28 connect.facebook.net.
192.157.56.28 platform.twitter.com.
93.115.241.27 www.google-analytics.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 connect.facebook.net.
93.115.241.27 platform.twitter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Linksys AE2500 = Draadloze netwerkverbinding 3 (Connected)
Realtek PCIe GBE Family Controller = LAN-verbinding (Media disconnected)
Realtek 8185 Extensible 802.11b/g-draadloos apparaat = Draadloze netwerkverbinding 2 (Media disconnected)


# ----------------------------------
# IPv4-configuratie
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Draadloze netwerkverbinding 2" nexthop=192.168.1.1 publish=Ja


popd
# Einde van IPv4-configuratie



Windows IP-configuratie

Hostnaam . . . . . . . . . . . . : RNIEUWHOF1
Primair DNS-achtervoegsel . . . . :
Knooppunttype . . . . . . . . . . : hybride
IP-routering ingeschakeld . . . . : nee
WINS-proxy ingeschakeld . . . . . : nee

Draadloos LAN-adapter voor Draadloze netwerkverbinding 3:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Linksys AE2500
Fysiek adres. . . . . . . . . . . : C0-C1-C0-6C-E6-DB
DHCP ingeschakeld . . . . . . . . : ja
Autom. configuratie ingeschakeld : ja
Link-local IPv6-adres . . . . . . : fe80::dd1d:c05c:d37a:19ac%15(voorkeur)
IPv4-adres. . . . . . . . . . . . : 192.168.1.105(voorkeur)
Subnetmasker. . . . . . . . . . . : 255.255.255.0
Lease verkregen . . . . . . . . . : donderdag 7 februari 2013 1:17:09
Lease verlopen. . . . . . . . . . : vrijdag 8 februari 2013 1:17:09
Standaardgateway. . . . . . . . . : 192.168.1.1
DHCP-server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 432062912
DHCPv6-client DUID. . . . . . . . : 00-01-00-01-18-28-39-32-8C-89-A5-CB-90-E0
DNS-servers . . . . . . . . . . . : 212.54.40.25
212.54.35.25
NetBIOS via TCPIP . . . . . . . . : ingeschakeld

Draadloos LAN-adapter voor Draadloze netwerkverbinding 2:

Mediumstatus. . . . . . . . . . . : medium ontkoppeld
Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Realtek 8185 Extensible 802.11b/g-draadloos apparaat
Fysiek adres. . . . . . . . . . . : 00-11-6B-63-78-C3
DHCP ingeschakeld . . . . . . . . : ja
Autom. configuratie ingeschakeld : ja

Ethernet-adapter voor LAN-verbinding:

Mediumstatus. . . . . . . . . . . : medium ontkoppeld
Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Realtek PCIe GBE Family Controller
Fysiek adres. . . . . . . . . . . : 8C-89-A5-CB-90-E0
DHCP ingeschakeld . . . . . . . . : ja
Autom. configuratie ingeschakeld : ja

Tunnel-adapter voor isatap.{517946B2-850B-46A1-8950-D645B2277274}:

Mediumstatus. . . . . . . . . . . : medium ontkoppeld
Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter
Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja

Tunnel-adapter voor Teredo Tunneling Pseudo-Interface:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
IPv6-adres. . . . . . . . . . . . : 2001:0:5ef5:79fd:2c8b:2f37:a12f:671c(voorkeur)
Link-local IPv6-adres . . . . . . : fe80::2c8b:2f37:a12f:671c%11(voorkeur)
Standaardgateway. . . . . . . . . : ::
NetBIOS via TCPIP . . . . . . . . : uitgeschakeld
Server: dns.tb.iss.as9143.net
Address: 212.54.40.25

Naam: google.com
Addresses: 2a00:1450:400c:c06::66
74.125.132.139
74.125.132.101
74.125.132.102
74.125.132.100
74.125.132.138
74.125.132.113


Pingen naar google.com [74.125.132.139] met 32 bytes aan gegevens:
Antwoord van 74.125.132.139: bytes=32 tijd=17 ms TTL=48
Antwoord van 74.125.132.139: bytes=32 tijd=15 ms TTL=48

Ping-statistieken voor 74.125.132.139:
Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
(0% verlies).

De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:
Minimum = 15ms, Maximum = 17ms, Gemiddelde = 16ms
Server: dns.tb.iss.as9143.net
Address: 212.54.40.25

Naam: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pingen naar yahoo.com [98.139.183.24] met 32 bytes aan gegevens:
Antwoord van 98.139.183.24: bytes=32 tijd=217 ms TTL=49
Antwoord van 98.139.183.24: bytes=32 tijd=247 ms TTL=49

Ping-statistieken voor 98.139.183.24:
Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
(0% verlies).

De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:
Minimum = 217ms, Maximum = 247ms, Gemiddelde = 232ms

Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128

Ping-statistieken voor 127.0.0.1:
Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
(0% verlies).

De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:
Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
===========================================================================
Interfacelijst
15...c0 c1 c0 6c e6 db ......Linksys AE2500
14...00 11 6b 63 78 c3 ......Realtek 8185 Extensible 802.11b/g-draadloos apparaat
10...8c 89 a5 cb 90 e0 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 routetabel
===========================================================================
Actieve routes:
Netwerkadres Netmasker Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.105 281
192.168.1.105 255.255.255.255 On-link 192.168.1.105 281
192.168.1.255 255.255.255.255 On-link 192.168.1.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.105 281
===========================================================================
Permanente routes:
Netwerkadres Netmask Gateway-adres Metric
0.0.0.0 0.0.0.0 192.168.1.1 Standaard
===========================================================================

IPv6 routetabel
===========================================================================
Actieve routes:
Indien metrische netwerkbestemming Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:5ef5:79fd:2c8b:2f37:a12f:671c/128
On-link
15 281 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::2c8b:2f37:a12f:671c/128
On-link
15 281 fe80::dd1d:c05c:d37a:19ac/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Permanente routes:
Geen
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/07/2013 01:17:06 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: DefaultTabSearch.exe, versie: 0.0.0.0, tijdstempel: 0x509b4379
Naam van module met fout: DefaultTabSearch.exe, versie: 0.0.0.0, tijdstempel: 0x509b4379
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002c90
Id van proces met fout: 0x964
Starttijd van toepassing met fout: 0xDefaultTabSearch.exe0
Pad naar toepassing met fout: DefaultTabSearch.exe1
Pad naar module met fout: DefaultTabSearch.exe2
Rapport-id: DefaultTabSearch.exe3

Error: (02/07/2013 01:17:04 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (02/05/2013 09:56:14 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (02/03/2013 03:49:04 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (02/01/2013 08:19:05 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (01/31/2013 10:30:13 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: iexplore.exe, versie: 9.0.8112.16457, tijdstempel: 0x50a2f9e3
Naam van module met fout: MSHTML.dll, versie: 9.0.8112.16457, tijdstempel: 0x50a30507
Uitzonderingscode: 0xc00000fd
Foutoffset: 0x00419c5d
Id van proces met fout: 0x12b8
Starttijd van toepassing met fout: 0xiexplore.exe0
Pad naar toepassing met fout: iexplore.exe1
Pad naar module met fout: iexplore.exe2
Rapport-id: iexplore.exe3

Error: (01/31/2013 10:15:33 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: iexplore.exe, versie: 9.0.8112.16457, tijdstempel: 0x50a2f9e3
Naam van module met fout: MSHTML.dll, versie: 9.0.8112.16457, tijdstempel: 0x50a30507
Uitzonderingscode: 0xc00000fd
Foutoffset: 0x002b8789
Id van proces met fout: 0x8f4
Starttijd van toepassing met fout: 0xiexplore.exe0
Pad naar toepassing met fout: iexplore.exe1
Pad naar module met fout: iexplore.exe2
Rapport-id: iexplore.exe3

Error: (01/31/2013 08:40:44 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: DefaultTabSearch.exe, versie: 0.0.0.0, tijdstempel: 0x509b4379
Naam van module met fout: DefaultTabSearch.exe, versie: 0.0.0.0, tijdstempel: 0x509b4379
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002c90
Id van proces met fout: 0x964
Starttijd van toepassing met fout: 0xDefaultTabSearch.exe0
Pad naar toepassing met fout: DefaultTabSearch.exe1
Pad naar module met fout: DefaultTabSearch.exe2
Rapport-id: DefaultTabSearch.exe3

Error: (01/31/2013 08:40:42 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (01/29/2013 07:11:52 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: DefaultTabSearch.exe, versie: 0.0.0.0, tijdstempel: 0x509b4379
Naam van module met fout: DefaultTabSearch.exe, versie: 0.0.0.0, tijdstempel: 0x509b4379
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00002c90
Id van proces met fout: 0x974
Starttijd van toepassing met fout: 0xDefaultTabSearch.exe0
Pad naar toepassing met fout: DefaultTabSearch.exe1
Pad naar module met fout: DefaultTabSearch.exe2
Rapport-id: DefaultTabSearch.exe3


System errors:
=============
Error: (02/07/2013 01:17:44 AM) (Source: Service Control Manager) (User: )
Description: De Superfetch-service is gestopt met de volgende foutcode:
%%2.

Error: (02/07/2013 01:17:06 AM) (Source: Service Control Manager) (User: )
Description: De DefaultTabSearch-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (02/05/2013 09:56:54 PM) (Source: Service Control Manager) (User: )
Description: De Superfetch-service is gestopt met de volgende foutcode:
%%2.

Error: (02/03/2013 03:49:44 PM) (Source: Service Control Manager) (User: )
Description: De Superfetch-service is gestopt met de volgende foutcode:
%%2.

Error: (02/01/2013 08:19:45 AM) (Source: Service Control Manager) (User: )
Description: De Superfetch-service is gestopt met de volgende foutcode:
%%2.

Error: (01/31/2013 08:41:23 PM) (Source: Service Control Manager) (User: )
Description: De Superfetch-service is gestopt met de volgende foutcode:
%%2.

Error: (01/31/2013 08:40:44 PM) (Source: Service Control Manager) (User: )
Description: De DefaultTabSearch-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (01/29/2013 07:12:30 PM) (Source: Service Control Manager) (User: )
Description: De Superfetch-service is gestopt met de volgende foutcode:
%%2.

Error: (01/29/2013 07:11:52 PM) (Source: Service Control Manager) (User: )
Description: De DefaultTabSearch-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (01/28/2013 07:55:54 PM) (Source: Service Control Manager) (User: )
Description: De Superfetch-service is gestopt met de volgende foutcode:
%%2.


Microsoft Office Sessions:
=========================
Error: (02/07/2013 01:17:06 AM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.0509b4379DefaultTabSearch.exe0.0.0.0509b4379c000000500002c9096401ce04c8745f1f18C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeb3e50dc7-70bb-11e2-a703-c0c1c06ce6db

Error: (02/07/2013 01:17:04 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (02/05/2013 09:56:14 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (02/03/2013 03:49:04 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (02/01/2013 08:19:05 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (01/31/2013 10:30:13 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3MSHTML.dll9.0.8112.1645750a30507c00000fd00419c5d12b801cdfffa06000bc0C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll6516d115-6bed-11e2-a4ce-8c89a5cb90e0

Error: (01/31/2013 10:15:33 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3MSHTML.dll9.0.8112.1645750a30507c00000fd002b87898f401cdfff3e3fd3cffC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll58919fc8-6beb-11e2-a4ce-8c89a5cb90e0

Error: (01/31/2013 08:40:44 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.0509b4379DefaultTabSearch.exe0.0.0.0509b4379c000000500002c9096401cdffeada63ae4eC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe19b127ba-6bde-11e2-a4ce-c0c1c06ce6db

Error: (01/31/2013 08:40:42 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (01/29/2013 07:11:52 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.0509b4379DefaultTabSearch.exe0.0.0.0509b4379c000000500002c9097401cdfe4c1b0ff3e3C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe5ad82b3a-6a3f-11e2-9feb-8c89a5cb90e0


CodeIntegrity Errors:
===================================
Date: 2013-01-06 18:41:23.865
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\dxgi.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Help Manager (Version: 4.0.244)
Adobe Premiere Pro CS6 (Version: 6.0)
Adobe Reader XI (11.0.01) - Nederlands (Version: 11.0.01)
µTorrent (Version: 3.2.1.28086)
bl (Version: 1.0.0)
DefaultTab (Version: 1.3.1.0)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dropbox (Version: 1.6.16)
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.123)
Gygan
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.3.1427)
Intel® Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.4.220)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Malwarebytes Anti-Malware versie 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile NLD Language Pack (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 18.0.2 (x86 nl) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
NVIDIA-configuratiescherm 306.97 (Version: 306.97)
NVIDIA 3D Vision controllerstuurprogramma 306.97 (Version: 306.97)
NVIDIA 3D Vision stuurprogramma 306.97 (Version: 306.97)
NVIDIA Grafisch stuurprogramma 306.97 (Version: 306.97)
NVIDIA HD Audio-stuurprogramma 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA PhysX systeemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
ph (Version: 1.0.0)
PowerISO (Version: 5.4)
Realtek Ethernet Controller Driver (Version: 7.50.1123.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6586)
Spotnet (Version: 1.8.1)
Super-Charger (Version: 1.2.006)
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (Version: 4.0.30319)
TornTV (Version: 2.1 Build 26473)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Verzoek of wijziging voorlopige aanslag 2013
VIO Player version 1.0.1 (Version: 1.0.1)
VLC media player 2.0.5 (Version: 2.0.5)
Winki (Version: 3.2.121)
Yontoo 1.10.03 (Version: 1.10.03)

========================= Memory info: ===================================

Percentage of memory in use: 14%
Total physical RAM: 16317.45 MB
Available physical RAM: 14014.36 MB
Total Pagefile: 32633.1 MB
Available Pagefile: 30149.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.75 MB

========================= Partitions: =====================================

1 Drive c: (System) (Fixed) (Total:119.14 GB) (Free:53.1 GB) NTFS
3 Drive e: (Data) (Fixed) (Total:1863.01 GB) (Free:1759.17 GB) NTFS
4 Drive h: (Hitachi) (Fixed) (Total:232.88 GB) (Free:147.46 GB) exFAT

========================= Users: ========================================

Gebruikersaccounts voor \\RNIEUWHOF1

Administrator Gast rnieuwhof
UpdatusUser
De opdracht is voltooid.


**** End of log ****

Edited by Robinn1987, 06 February 2013 - 07:44 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:50 PM

Posted 06 February 2013 - 11:19 PM

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.


  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.

===================================================



Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. You can also right click on the link and select Save Link As
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply

===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • ESET results
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

Edited by narenxp, 07 February 2013 - 03:46 AM.


#3 Robinn1987

  • Topic Starter

Posted 07 February 2013 - 06:00 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Databaseversie: v2013.02.07.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
rnieuwhof :: RNIEUWHOF1 [administrator]

7-2-2013 23:34:27
mbam-log-2013-02-07 (23-34-27).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 231880
Verstreken tijd: 53 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Farbar Service Scanner Version: 30-01-2013
Ran by rnieuwhof (administrator) on 07-02-2013 at 23:38:03
Running from "C:\Users\rnieuwhof\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

# AdwCleaner v2.111 - Verslag gemaakt op 07/02/2013 om 23:41:02
# Geactualiseerd op 05/02/2013 door Xplode
# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Gebruiker : rnieuwhof - RNIEUWHOF1
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\rnieuwhof\Desktop\AdwCleaner.exe
# Optie [Zoeken]

***** [Diensten] *****

Aanwezig : DefaultTabSearch
Aanwezig : DefaultTabUpdate

***** [Files / Mappen] *****

File Aanwezig : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Aanwezig : C:\Users\rnieuwhof\AppData\Roaming\Mozilla\Firefox\Profiles\0rwlh6xh.default\bprotector_prefs.js
File Aanwezig : C:\Users\rnieuwhof\AppData\Roaming\Mozilla\Firefox\Profiles\0rwlh6xh.default\searchplugins\babylon1.xml
File Aanwezig : C:\Users\rnieuwhof\AppData\Roaming\Mozilla\Firefox\Profiles\0rwlh6xh.default\searchplugins\search-here.xml
Map Aanwezig : C:\Program Files (x86)\DefaultTab
Map Aanwezig : C:\Program Files (x86)\Yontoo
Map Aanwezig : C:\ProgramData\Babylon
Map Aanwezig : C:\ProgramData\Tarma Installer
Map Aanwezig : C:\Users\rnieuwhof\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Map Aanwezig : C:\Users\rnieuwhof\AppData\Roaming\Babylon
Map Aanwezig : C:\Users\rnieuwhof\AppData\Roaming\DefaultTab

***** [Register] *****

Sleutel Aanwezig : HKCU\Software\1ClickDownload
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\DefaultTab
Sleutel Aanwezig : HKCU\Software\BabylonToolbar
Sleutel Aanwezig : HKCU\Software\DataMngr
Sleutel Aanwezig : HKCU\Software\DataMngr_Toolbar
Sleutel Aanwezig : HKCU\Software\Default Tab
Sleutel Aanwezig : HKCU\Software\DefaultTab
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Sleutel Aanwezig : HKCU\Software\Softonic
Sleutel Aanwezig : HKCU\Software\e28dd0e53bed13
Sleutel Aanwezig : HKLM\Software\Babylon
Sleutel Aanwezig : HKLM\Software\BabylonToolbar
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Aanwezig : HKLM\Software\DataMngr
Sleutel Aanwezig : HKLM\Software\Default Tab
Sleutel Aanwezig : HKLM\Software\DefaultTab
Sleutel Aanwezig : HKLM\Software\Iminent
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\e28dd0e53bed13
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Sleutel Aanwezig : HKLM\SOFTWARE\Tarma Installer

***** [Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Ultimate x64
Ran by rnieuwhof on do 07-02-2013 at 23:43:03,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] defaulttabsearch
Successfully deleted: [Service] defaulttabsearch
Successfully stopped: [Service] defaulttabupdate
Successfully deleted: [Service] defaulttabupdate

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload
Successfully deleted: [Registry Key] hkey_local_machine\software\babylon
Successfully deleted: [Registry Key] hkey_current_user\software\babylontoolbar
Successfully deleted: [Registry Key] hkey_local_machine\software\babylontoolbar
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar
Successfully deleted: [Registry Key] hkey_current_user\software\default tab
Successfully deleted: [Registry Key] hkey_local_machine\software\default tab
Successfully deleted: [Registry Key] hkey_current_user\software\defaulttab
Successfully deleted: [Registry Key] hkey_local_machine\software\defaulttab
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\defaulttab
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs
Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\datamngr
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\rnieuwhof\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\rnieuwhof\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"

~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\rnieuwhof\AppData\Roaming\mozilla\firefox\profiles\0rwlh6xh.default\user.js
Successfully deleted: [File] C:\Users\rnieuwhof\AppData\Roaming\mozilla\firefox\profiles\0rwlh6xh.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\rnieuwhof\AppData\Roaming\mozilla\firefox\profiles\0rwlh6xh.default\searchplugins\search-here.xml
Successfully deleted the following from C:\Users\rnieuwhof\AppData\Roaming\mozilla\firefox\profiles\0rwlh6xh.default\prefs.js

user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=109220&tt=010113_def_0113_4&babsrc=HP_ss&mntrId=e4c9a71b000000000000c0c1c06ce6db");
user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=109220&tt=010113_def_0113_4&babsrc=HP_ss&mntrId=e4c9a71b000000000000c0c1c06ce6db");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "e4c9a71b000000000000c0c1c06ce6db");
user_pref("extensions.BabylonToolbar.instlDay", "15706");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.rvrt", "false");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=e4c9a71b000000000000c0c1c06ce6db&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=010113_def_0113_4");
user_pref("extensions.BabylonToolbar_i.excTlbr", false);
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.222:35:25");
Emptied folder: C:\Users\rnieuwhof\AppData\Roaming\mozilla\firefox\profiles\0rwlh6xh.default\minidumps [2 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\rnieuwhof\appdata\local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\niapdbllcanepiiimjjndipklodoedlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on do 07-02-2013 at 23:46:56,37
End of JRT log

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/07/2013 11:54:01 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\rnieuwhof\Desktop\rkill\rkill-02-07-2013-11-54-03.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost
  192.157.56.28   www.google-analytics.com.
  192.157.56.28   ad-emea.doubleclick.net.
  192.157.56.28   www.statcounter.com.
  192.157.56.28   connect.facebook.net.
  192.157.56.28   platform.twitter.com.
  93.115.241.27   www.google-analytics.com.
  93.115.241.27   ad-emea.doubleclick.net.
  93.115.241.27   www.statcounter.com.
  93.115.241.27   connect.facebook.net.
  93.115.241.27   platform.twitter.com.

Program finished at: 02/07/2013 11:54:06 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "AdobeAAMUpdater-1.0"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "BCSSync"    "Microsoft Office 2010 component"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\bcssync.exe"
+ "MSC"    "Microsoft Security Client User Interface"    "Microsoft Corporation"    "c:\program files\microsoft security client\msseces.exe"
+ "RTHDVCPL"    "Realtek HD Audio configuratie"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\rtkngui64.exe"

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeCS6ServiceManager"    "Adobe CS6 Service Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe"
+ "PWRISOVM.EXE"    "PowerISO Virtual Drive Manager"    "Power Software Ltd"    "c:\program files (x86)\poweriso\pwrisovm.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "Super-Charger"    "Super-Charger"    "MSI"    "c:\program files (x86)\msi\super-charger\super-charger.exe"
+ "SwitchBoard"    "SwitchBoard Server (32 bit)"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "USB3MON"    "Intel® USB 3.0 Monitor"    "Intel Corporation"    "c:\program files (x86)\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
+ "Malwarebytes Anti-Malware"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"

"C:\Users\rnieuwhof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "Dropbox.lnk"    "Dropbox"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropbox.exe"

"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"

"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"

"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "Groove GFS Stub Execution Hook"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"

"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext64.17.dll"

"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
+ "PowerISO"    "PowerISOShell DLL"    "Power Software Ltd"    "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"

"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"

"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"

"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"

"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext64.17.dll"

"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
+ "PowerISO"    "PowerISOShell DLL"    "Power Software Ltd"    "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"

"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"

"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"

"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext64.17.dll"

"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"    ""    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"

"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"

"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"

"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO"    "PowerISOShell DLL"    "Power Software Ltd"    "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"

"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "DropboxExt1"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "DropboxExt1"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\rnieuwhof\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"



 

+ "Groove Explorer Icon Overlay 4 (GFS Unread
Mark)"              "Microsoft
SharePoint Workspace Extensions"                "Microsoft
Corporation"              "c:\program
files (x86)\microsoft office\office14\grooveex.dll"



 

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects"    ""            ""                ""



 

+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\urlredir.dll"

"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Gekoppelde notities van OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "&Verzenden naar OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\onbttnie.dll"

"Task Scheduler"    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.5 r502"    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Toepassing voor configuratie van Windows Media Connect"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"

"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater houdt uw Adobe-software bij de tijd."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "Deze service zorgt ervoor dat uw installatie van Adobe Flash Player up-to-date blijft met de nieuwste correcties en beveiligingsverbeteringen."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "gupdate"    "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "Intel® Capability Licensing Service Interface"    "Version: 1.23.605.1"    "Intel® Corporation"    "c:\program files\intel\icls client\heciserver.exe"
+ "ISCTAgent"    "Refreshes online content while system is asleep."    ""    "c:\program files\intel\intel® smart connect technology agent\isctagent.exe"
+ "jhi_service"    "Intel® Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel ® DAL"    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe"
+ "LMS"    "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service"    "Microsoft SharePoint Workspace"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\groove.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSI_SuperCharger"    "Super-Charger Service"    "MSI"    "c:\program files (x86)\msi\super-charger\chargeservice.exe"
+ "MsMpSvc"    "Beschermt gebruikers tegen malware en andere mogelijk ongewenste software"    "Microsoft Corporation"    "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv"    "Biedt bescherming tegen inbraakpogingen die gericht zijn op bekende en onlangs gevonden zwakke plekken in netwerkprotocollen"    "Microsoft Corporation"    "c:\program files\microsoft security client\nissrv.exe"
+ "nvsvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"    "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose64"    "Hiermee worden de installatiebestanden opgeslagen die worden gebruikt voor het bijwerken en herstellen. Dit is vereist voor het downloaden van updates van Setup en van Watson-foutrapporten."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Stereo Service"    "Provides system support for NVIDIA Stereoscopic 3D driver"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "SwitchBoard"    "Adobe SwitchBoard"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "UNS"    "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend"    "Beveiliging tegen spyware en mogelijk ongewenste software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc"    "Hiermee worden media-bestanden met behulp van UPnP (Universal Plug and Play) op media-apparaten beschikbaar gemaakt"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"

"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serieel I/F-stuurprogramma (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "ikbevent"    "Intel Keyboard Class Upper Filter Driver"    ""    "c:\windows\system32\drivers\ikbevent.sys"
+ "imsevent"    "Intel Mouse Class Upper Filter Driver"    ""    "c:\windows\system32\drivers\imsevent.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "ISCT"    "ISCT and IFFS Driver"    ""    "c:\windows\system32\drivers\isctd64.sys"
+ "iusb3hcs"    "Intel® USB 3.0 Host Controller Switch Driver"    "Intel Corporation"    "c:\windows\system32\drivers\iusb3hcs.sys"
+ "iusb3hub"    "Intel® USB 3.0 Hub Driver"    "Intel Corporation"    "c:\windows\system32\drivers\iusb3hub.sys"
+ "iusb3xhc"    "Intel® USB 3.0 eXtensible Host Controller Driver"    "Intel Corporation"    "c:\windows\system32\drivers\iusb3xhc.sys"
+ "Linksys_adapter_H"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\ae2500w764.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbam.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64"    "Intel® Management Engine Interface"    "Intel Corporation"    "c:\windows\system32\drivers\hecix64.sys"
+ "MSICDSetup"    ""    ""    "File not found: D:\CDriver64.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIOLib_1_0_3"    "NTIOLib"    "MSI"    "c:\program files (x86)\msi\super-charger\ntiolib_x64.sys"
+ "NTIOLib_1_0_C"    ""    ""    "File not found: D:\NTIOLib_X64.sys"
+ "NVHDA"    "NVIDIA HDMI Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm"    "NVIDIA Windows Kernel Mode Driver, Version 306.97 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64"    "Px Engine Device Driver for 64-bit Windows"    "Rovi Corporation"    "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167"    "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "    "Realtek                                           "    "c:\windows\system32\drivers\rt64win7.sys"
+ "RTL85n64"    "Realtek 8180/8185 Wireless Device"    "Realtek"    "c:\windows\system32\drivers\rtl85n64.sys"
+ "SCDEmu"    "PowerISO Virtual Drive"    "Power Software Ltd"    "c:\windows\system32\drivers\scdemu.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "Synth3dVsc"    ""    ""    "File not found: System32\drivers\synth3dvsc.sys"
+ "tsusbhub"    "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2"    ""    "File not found: system32\drivers\tsusbhub.sys"
+ "VGPU"    ""    ""    "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
+ "WPRO_41_2001"    ""    ""    "c:\windows\system32\drivers\wpro_41_2001.sys"

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"

"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"    "Cinepak®-codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:50 PM

Posted 07 February 2013 - 06:19 PM

Download Hosts fixit.

Run it, restart the PC.

Now launch MiniToolBox, checkmark hosts contents alone, and post the new log.



#5 Robinn1987

Robinn1987
  • Topic Starter

  • Members
  • 3 posts
  • Local time:11:50 PM

Posted 08 February 2013 - 03:06 AM

MiniToolBox by Farbar  Version:10-01-2013
Ran by rnieuwhof (administrator) on 08-02-2013 at 09:05:03
Running from "E:\rnieuwhof\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================
 
#       ::1             localhost
 
 
**** End of log ****


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:50 PM

Posted 08 February 2013 - 07:08 AM

That looks good.

Remove temporary and junk files

Download TFC.

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points:

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player.

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 





