Mededeling

Collapse
No announcement yet.

Barracuda probleem

Collapse
X
Collapse
  •  
  • Page of 2
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige 1 2 template Volgende
  • #1

    Barracuda probleem

    Hallo,

    Onlangs had ik een emailadres die allerlei spam verstuurde. Zoveel zelfs dat ik niet meer van dat account naar anderen kon mailen. Alleen intern wel. Dit emailadres wordt niet meer gebruikt en is ook verwijderd.

    Nu denk ik zelf dat dit ervoor gezorgd heeft dat ik op de barracuda blacklist kwam. Ik heb een hele tijd probleemloos kunnen mailen. Nu wilde ik van mijn nieuwe emailadres iemand van een organisatie mailen, maar kreeg het bericht terug dat de mail niet afgeleverd wordt. Dit bij meerder emailadressen van die organisatie die de zelfde host hebben. Gebeld met deze mensen van de host, en die konden mij vertellen dat ik op de blacklist sta. Dit is wat ik steeds terugkrijg als melding:

    This message was created automatically by mail delivery software.

    A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:


    SMTP error from remote mail server after end of data:
    host mx04.agn-e.net [81.xx.x.x36]: 554 Service unavailable; Client host [server02.uxw.nl] blocked using Barracuda Reputation; http://bbl.barracudacentral.com/q.cgi?ip=82.xx.x.x61

    ------ This is a copy of the message, including all the headers. ------

    Return-path: <[email protected]>
    Received: from 524a06a1.cm-4-3a.dynamic.ziggo.nl ([82.xx.xx.x61] helo=DennisPC)
    by server2.wned-dns.eu with esmtpa (Exim 4.80.1)
    (envelope-from <[email protected]>)
    id 1UmfNu-0007rY-8Z
    for ; Wed, 12 Jun 2013 09:22:22 +0200

    Ik heb nu een request gedaan om me van de lijst af te halen.

    Nu heb ik wel log gemaakt om te verifieren of ik geen kwaadaardige dingen nog op de pc heb. Misschien dat iemand mij verder kan helpen. BTW ik weet niet hoe snel ze zijn bij Barracuda en of ik uberhaupt van die lijst kom:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:50:47, on 12-6-2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16483)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
    C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
    C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
    C:\Program Files (x86)\Java\jre7\bin\java.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [EPSON SX235 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Dennis\AppData\Local\Temp\E_SF588.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Dropbox.lnk = Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
    O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
    O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 15954 bytes
    Labels: Geen
    • Citaat
  • #2
    hallo,

    zie http://www.nucia.eu/forum/threads/12...ericht-plaatst!
    • Citaat

    Comment

    • #3
      de andere logs

      Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
      Malwarebytes Cyber Security for Home & Business | Anti-Malware
      https://www.malwarebytes.org
      Protect your home and business PCs, Macs, iOS and Android devices from malware, viruses & cyber threats with Malwarebytes cyber security solutions.


      Databaseversie: v2013.06.13.06

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Dennis :: DENNIS-PC [administrator]

      Bescherming: Ingeschakeld

      13-6-2013 16:58:54
      mbam-log-2013-06-13 (16-58-54).txt

      Scan type: Snelle scan
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 214573
      Verstreken tijd: 8 minuut/minuten, 43 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      (einde)


      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.21.2
      Run by Dennis at 17:08:45 on 2013-06-13
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3767.958 [GMT 2:00]
      .
      AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
      SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\spoolsv.exe
      C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
      C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files (x86)\Launch Manager\dsiwmis.exe
      C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
      C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
      C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
      C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
      C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
      C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
      C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
      C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Windows\System32\rundll32.exe
      C:\Windows\System32\igfxtray.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\system32\igfxsrvc.exe
      C:\Windows\System32\igfxpers.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
      C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
      C:\Windows\system32\igfxext.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
      C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files (x86)\Launch Manager\LManager.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
      C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
      C:\Program Files (x86)\Launch Manager\LMworker.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Windows\system32\svchost.exe -k HPService
      C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      C:\Windows\System32\svchost.exe -k secsvcs
      C:\Windows\system32\taskhost.exe
      C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
      C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      C:\Windows\splwow64.exe
      C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
      C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\maex\maex.exe
      C:\maex\dbeng7.exe
      C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
      C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
      C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
      C:\Windows\servicing\TrustedInstaller.exe
      C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\wuauclt.exe
      C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
      C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.google.com/
      uDefault_Page_URL = hxxp://packardbell.msn.com
      mStart Page = hxxp://packardbell.msn.com
      mDefault_Page_URL = hxxp://packardbell.msn.com
      uProxyServer = localhost:21320
      uURLSearchHooks: {2d8d9acc-f6d7-4362-8876-a275ca929591} - <orphaned>
      mWinlogon: Userinit = userinit.exe
      BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      uRun: [EPSON SX235 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Dennis\AppData\Local\Temp\E_SF588.tmp" /EF "HKCU"
      uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
      uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
      uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
      mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
      mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
      mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      StartupFolder: C:\Users\Dennis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
      mPolicies-Explorer: NoActiveDesktop = dword:1
      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
      TCP: NameServer = 10.0.0.1
      TCP: Interfaces\{7E9EF804-CCFD-4BBB-B800-9250BF3D34AA} : DHCPNameServer = 10.0.0.1
      TCP: Interfaces\{7E9EF804-CCFD-4BBB-B800-9250BF3D34AA}\14256573531393138364333444 : DHCPNameServer = 192.168.2.254
      TCP: Interfaces\{7E9EF804-CCFD-4BBB-B800-9250BF3D34AA}\14256573531393338373730363 : DHCPNameServer = 192.168.2.254
      TCP: Interfaces\{7E9EF804-CCFD-4BBB-B800-9250BF3D34AA}\2456C6B696E6024627161646C6F6F6370226F66756E6 : DHCPNameServer = 192.168.2.1
      TCP: Interfaces\{7E9EF804-CCFD-4BBB-B800-9250BF3D34AA}\3596475636F6D6932413837383 : DHCPNameServer = 192.168.0.1
      TCP: Interfaces\{7E9EF804-CCFD-4BBB-B800-9250BF3D34AA}\86F6C6C616E6469616 : DHCPNameServer = 192.168.2.254
      TCP: Interfaces\{7E9EF804-CCFD-4BBB-B800-9250BF3D34AA}\F427471636 : DHCPNameServer = 192.168.0.1
      TCP: Interfaces\{7EF86142-EEAB-4B19-9F92-6A596C2FE670} : DHCPNameServer = 192.168.178.1
      TCP: Interfaces\{E11E2D1E-5F28-4C78-910F-088C1E73D7DB} : DHCPNameServer = 192.168.39.28
      Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      Notify: SDWinLogon - SDWinLogon.dll
      SSODL: WebCheck - <orphaned>
      SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-mStart Page = hxxp://packardbell.msn.com
      x64-mDefault_Page_URL = hxxp://packardbell.msn.com
      x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
      x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
      x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
      x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
      x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
      x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
      x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      x64-Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
      x64-Notify: igfxcui - igfxdev.dll
      x64-SSODL: WebCheck - <orphaned>
      x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\
      FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
      FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
      FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
      FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
      FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
      FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
      FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      FF - plugin: C:\Users\Dennis\AppData\Roaming\TorrentStream\player\npts.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
      FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
      FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
      FF - ExtSQL: 2013-05-07 19:52; [email protected]; C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\[email protected] g.xpi
      FF - ExtSQL: 2013-06-03 13:42; {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}; C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-7-25 72240]
      R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-7-25 15920]
      R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-1-20 55856]
      R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-5-7 28600]
      R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
      R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
      R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-5-7 100712]
      R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-10-28 56344]
      R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-10-28 158976]
      R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-28 287232]
      R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
      S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
      S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
      S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]
      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-10-28 243712]
      .
      =============== Created Last 30 ================
      .
      2013-06-12 08:00:19 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2C22AFAC-1104-4350-B8C8-C735B3C56864}\offreg.dll
      2013-06-12 07:40:05 388096 ----a-r- C:\Users\Dennis\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
      2013-06-12 07:40:04 -------- d-----w- C:\Program Files (x86)\Trend Micro
      2013-06-11 07:18:50 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2C22AFAC-1104-4350-B8C8-C735B3C56864}\mpengine.dll
      2013-06-10 06:41:28 -------- d-----w- C:\Users\Dennis\AppData\Local\{242DC904-24CB-4FE2-9606-1F7A2457C6BF}
      2013-06-09 12:21:06 708168 ----a-w- C:\Program Files (x86)\39Uninstall MapsGalaxy.dll
      2013-06-09 12:21:06 186744 ----a-w- C:\Program Files (x86)\39res.dll
      2013-06-08 06:52:49 -------- d-----w- C:\Users\Dennis\AppData\Local\{E6756DC6-01F1-4FE0-AD52-1125668F90F8}
      2013-06-07 12:21:14 -------- d-----w- C:\Program Files\iPod
      2013-06-07 12:21:12 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
      2013-06-07 12:21:12 -------- d-----w- C:\Program Files\iTunes
      2013-06-07 12:21:12 -------- d-----w- C:\Program Files (x86)\iTunes
      2013-06-07 12:11:38 -------- d-----w- C:\Users\Dennis\AppData\Roaming\HTC
      2013-06-07 12:11:26 -------- d-----w- C:\Users\Dennis\AppData\Roaming\HTC Sync
      2013-06-07 12:11:22 -------- d-----w- C:\ProgramData\HTC
      2013-06-07 12:10:23 -------- d-----w- C:\Users\Dennis\AppData\Local\HTC MediaHub
      2013-06-07 12:10:07 -------- d-----w- C:\ProgramData\Motorola
      2013-06-07 12:08:44 -------- d-----w- C:\Program Files (x86)\Spirent Communications
      2013-06-07 12:08:44 -------- d-----w- C:\Program Files (x86)\HTC
      2013-06-07 12:07:26 -------- d-----w- C:\Users\Dennis\AppData\Local\Downloaded Installations
      2013-06-05 11:21:28 -------- d-----w- C:\Users\Dennis\AppData\Roaming\Serif
      2013-06-05 11:20:09 -------- d-----w- C:\Program Files (x86)\Common Files\MSSoap
      2013-06-05 11:19:38 -------- d-----w- C:\Program Files (x86)\Serif
      2013-06-03 07:34:34 -------- d-----w- C:\Users\Dennis\AppData\Local\{8AA3D198-9E80-4E13-9767-11EEF56261C9}
      2013-05-31 06:50:14 -------- d-----w- C:\Users\Dennis\AppData\Local\{6B14B78E-A273-4A0A-A275-42A10332B900}
      2013-05-30 07:47:03 -------- d-----w- C:\Users\Dennis\AppData\Local\{FE8CF9F5-2177-42E3-8691-151EBE5FD731}
      2013-05-29 18:14:00 -------- d-----w- C:\Users\Dennis\AppData\Roaming\SUPERAntiSpyware.com
      2013-05-29 18:13:51 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
      2013-05-29 18:13:51 -------- d-----w- C:\Program Files\SUPERAntiSpyware
      2013-05-29 17:18:55 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
      2013-05-29 17:17:56 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
      2013-05-29 17:17:51 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
      2013-05-29 16:51:04 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
      2013-05-29 16:51:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2013-05-26 08:03:29 -------- d-----w- C:\ProgramData\boost_interprocess
      2013-05-24 09:49:58 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
      2013-05-24 09:49:54 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
      2013-05-22 12:49:11 -------- d-----w- C:\Users\Dennis\AppData\Local\{81F5AD39-3B92-4976-AACC-D0010803B589}
      2013-05-21 07:35:10 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2013-05-21 07:35:10 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
      2013-05-21 07:33:59 887808 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
      2013-05-21 07:33:59 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
      2013-05-15 12:24:09 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
      2013-05-15 12:24:09 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
      2013-05-15 12:24:09 144384 ----a-w- C:\Windows\System32\cdd.dll
      2013-05-15 12:24:04 3153920 ----a-w- C:\Windows\System32\win32k.sys
      2013-05-15 12:24:03 230400 ----a-w- C:\Windows\System32\wwansvc.dll
      2013-05-15 12:24:02 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
      2013-05-15 12:23:47 1930752 ----a-w- C:\Windows\System32\authui.dll
      2013-05-15 12:23:46 70144 ----a-w- C:\Windows\System32\appinfo.dll
      2013-05-15 12:23:46 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
      2013-05-15 12:23:46 111448 ----a-w- C:\Windows\System32\consent.exe
      .
      ==================== Find3M ====================
      .
      2013-06-12 18:04:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-06-12 18:04:55 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2013-05-13 12:59:21 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
      2013-05-07 21:27:41 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
      2013-05-07 21:27:41 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
      2013-05-02 00:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
      2013-04-17 18:44:47 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
      2013-04-17 18:44:42 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
      2013-04-17 18:44:42 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
      2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
      2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
      2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
      2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
      2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
      2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
      2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
      2013-04-05 01:08:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
      2013-04-05 01:00:30 1392128 ----a-w- C:\Windows\System32\wininet.dll
      2013-04-05 00:59:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
      2013-04-05 00:56:16 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
      2013-04-05 00:55:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
      2013-04-04 22:11:34 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2013-04-04 22:02:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
      2013-04-04 22:02:17 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
      2013-04-04 21:58:51 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
      2013-04-04 21:57:45 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
      2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
      2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
      2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
      2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
      2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
      2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
      .
      ============= FINISH: 17:10:12,99 ===============


      GMER 2.1.19163 - http://www.gmer.net
      Rootkit scan 2013-06-13 17:26:08
      Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0001 465,76GB
      Running: hzeveo9u.exe; Driver: C:\Users\Dennis\AppData\Local\Temp\pwrirpog.sys


      ---- Kernel code sections - GMER 2.1 ----

      INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 679 fffff80002fa3077 3 bytes {OR EAX, EDX; JMP 0xffffffffffffffe8}
      INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 844 fffff80002fa311c 5 bytes [B7, 45, CE, 05, A1]

      ---- User code sections - GMER 2.1 ----

      .text C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075611465 2 bytes [61, 75]
      .text C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe[992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756114bb 2 bytes [61, 75]
      .text ... * 2
      .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2092] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075611465 2 bytes [61, 75]
      .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2092] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000756114bb 2 bytes [61, 75]
      .text ... * 2
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 000000006acd11a8 2 bytes [CD, 6A]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 000000006acd13a8 2 bytes [CD, 6A]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 000000006acd1422 2 bytes [CD, 6A]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 000000006acd1498 2 bytes [CD, 6A]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195 0000000070bc1b41 2 bytes [BC, 70]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362 0000000070bc1be8 2 bytes [BC, 70]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418 0000000070bc1c20 2 bytes [BC, 70]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596 0000000070bc1cd2 2 bytes [BC, 70]
      .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3412] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628 0000000070bc1cf2 2 bytes [BC, 70]
      .text C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe[3804] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000075611465 2 bytes [61, 75]
      .text C:\Users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe[3804] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000756114bb 2 bytes [61, 75]
      .text ... * 2
      .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[4128] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075611465 2 bytes [61, 75]
      .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[4128] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000756114bb 2 bytes [61, 75]
      .text ... * 2
      .text C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE[6644] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000772287b1 5 bytes JMP 000000015fb3856d
      .text C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE[6644] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000076cf6143 5 bytes JMP 000000016006fa9a
      .text C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE[6644] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000768e3e59 5 bytes JMP 000000015fb697d1
      .text C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE[6644] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000768e3eae 5 bytes JMP 000000015fb77641
      .text C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE[6644] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000768e4731 5 bytes JMP 000000015fb765d9
      .text C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE[6644] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000768e5dee 5 bytes JMP 000000015fb9da4f
      ? C:\Windows\system32\mssprxy.dll [6644] entry point in ".rdata" section 0000000073dd71e6
      ? C:\Windows\system32\iertutil.dll [5816] entry point in ".rdata" section 0000000076835251
      .text C:\maex\maex.exe[8784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075611465 2 bytes [61, 75]
      .text C:\maex\maex.exe[8784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756114bb 2 bytes [61, 75]
      .text ... * 2
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000772287b1 5 bytes JMP 000000015fb3856d
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000076cf6143 5 bytes JMP 000000016006fa9a
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000768e3e59 5 bytes JMP 000000015fb697d1
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000768e3eae 5 bytes JMP 000000015fb77641
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000768e4731 5 bytes JMP 000000015fb765d9
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000768e5dee 5 bytes JMP 000000015fb9da4f
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Program Files (x86)\Microsoft Office\Office14\BCSRuntime.dll!LoadMsoInfoPathEmbeddedEditor + 562 000000006533a5ac 4 bytes [AB, 16, D7, EE]
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Program Files (x86)\Microsoft Office\Office14\BCSProxy32.dll!ReleaseMutex + 215 0000000073d12338 4 bytes [69, 9D, C9, EE]
      ? C:\Windows\system32\mssprxy.dll [4904] entry point in ".rdata" section 0000000073dd71e6
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075611465 2 bytes [61, 75]
      .text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756114bb 2 bytes [61, 75]
      .text ... * 2
      ? C:\Windows\System32\NLSData0013.dll [4904] entry point in ".rdata" section 0000000051f0bd91
      .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe[8104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075611465 2 bytes [61, 75]
      .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe[8104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756114bb 2 bytes [61, 75]
      .text ... * 2

      ---- EOF - GMER 2.1 ----
      • Citaat

      Comment

      • #4
        Rechtsklik op C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
        en kies uitvoeren als Administrator.

        Klik op Scan en plaats een vinkje bij deze regel:
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320

        Klik daarna op Fixed Checked.


        Downloadt TDSSKiller en plaats het op je bureaublad.
        Dubbelklik op TDSSKiller.exe om de tool te starten.
        Klik op "Change parameters" en vink aan:
        - Services and drivers
        - Boot sectors
        - Verify drivers digital signatures
        Klik op "OK"
        Klik op de knop "Start Scan" en volg de instructies.
        Wanneer de scan klaar is klik je op de knop "Report".
        Er opent een kladblokbestand. Post de inhoud van dit bestand.
        Geeft TDSSKiller aan om een bestand te genezen (Cure),dan sta je dit toe. In dit geval wordt gevraagd om de computer te herstarten. Doe dit onmiddellijk.
        De unsigned files skip je.
        Rootkit.Boot.SST.b en anderen zoals Sinowal, ZeroAccess of Whistler laat je herstellen Cure.
        Na reboot vind je de log op c:\ met de naam TDSSKiller.versie_datum_uur_log.txt.
        Post dat logje.
        • Citaat

        Comment

        • #5
          09:49:20.0988 2240 System windows directory: C:\Windows
          09:49:20.0988 2240 Running under WOW64
          09:49:20.0988 2240 Processor architecture: Intel x64
          09:49:20.0988 2240 Number of processors: 2
          09:49:20.0988 2240 Page size: 0x1000
          09:49:20.0988 2240 Boot type: Normal boot
          09:49:20.0988 2240 ============================================================
          09:49:21.0700 2240 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
          09:49:21.0717 2240 ============================================================
          09:49:21.0717 2240 \Device\Harddisk0\DR0:
          09:49:21.0717 2240 MBR partitions:
          09:49:21.0717 2240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
          09:49:21.0717 2240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x37F53000
          09:49:21.0717 2240 ============================================================
          09:49:21.0813 2240 C: <-> \Device\Harddisk0\DR0\Partition2
          09:49:21.0813 2240 ============================================================
          09:49:21.0813 2240 Initialize success
          09:49:21.0813 2240 ============================================================
          09:50:20.0419 8804 ============================================================
          09:50:20.0419 8804 Scan started
          09:50:20.0419 8804 Mode: Manual; SigCheck;
          09:50:20.0419 8804 ============================================================
          09:50:20.0769 8804 ================ Scan services =============================
          09:50:20.0889 8804 [ ABDCD326E1DD1C62509ED94C278A7453 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
          09:50:20.0959 8804 !SASCORE - ok
          09:50:21.0129 8804 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
          09:50:21.0209 8804 1394ohci - ok
          09:50:21.0319 8804 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
          09:50:21.0379 8804 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
          09:50:21.0419 8804 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
          09:50:21.0439 8804 ACPI - ok
          09:50:21.0469 8804 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
          09:50:21.0579 8804 AcpiPmi - ok
          09:50:21.0699 8804 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
          09:50:21.0729 8804 AdobeActiveFileMonitor9.0 - ok
          09:50:21.0809 8804 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          09:50:21.0829 8804 AdobeARMservice - ok
          09:50:21.0959 8804 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
          09:50:21.0989 8804 AdobeFlashPlayerUpdateSvc - ok
          09:50:22.0039 8804 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
          09:50:22.0069 8804 adp94xx - ok
          09:50:22.0109 8804 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
          09:50:22.0139 8804 adpahci - ok
          09:50:22.0169 8804 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
          09:50:22.0190 8804 adpu320 - ok
          09:50:22.0230 8804 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
          09:50:22.0410 8804 AeLookupSvc - ok
          09:50:22.0470 8804 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
          09:50:22.0510 8804 AFD - ok
          09:50:22.0560 8804 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
          09:50:22.0570 8804 agp440 - ok
          09:50:22.0600 8804 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
          09:50:22.0690 8804 ALG - ok
          09:50:22.0720 8804 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
          09:50:22.0740 8804 aliide - ok
          09:50:22.0790 8804 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
          09:50:22.0820 8804 amdide - ok
          09:50:22.0850 8804 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
          09:50:22.0910 8804 AmdK8 - ok
          09:50:22.0960 8804 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
          09:50:23.0050 8804 AmdPPM - ok
          09:50:23.0080 8804 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
          09:50:23.0110 8804 amdsata - ok
          09:50:23.0140 8804 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
          09:50:23.0160 8804 amdsbs - ok
          09:50:23.0180 8804 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
          09:50:23.0190 8804 amdxata - ok
          09:50:23.0320 8804 [ 075DE33661971DE058854C526BDBBF0D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
          09:50:23.0340 8804 AntiVirSchedulerService - ok
          09:50:23.0490 8804 [ 826ADD8689FA33632CF98A0EAC89F156 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
          09:50:23.0500 8804 AntiVirService - ok
          09:50:23.0530 8804 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
          09:50:23.0760 8804 AppID - ok
          09:50:23.0790 8804 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
          09:50:23.0880 8804 AppIDSvc - ok
          09:50:23.0960 8804 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
          09:50:24.0030 8804 Appinfo - ok
          09:50:24.0140 8804 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          09:50:24.0150 8804 Apple Mobile Device - ok
          09:50:24.0180 8804 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
          09:50:24.0200 8804 arc - ok
          09:50:24.0230 8804 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
          09:50:24.0250 8804 arcsas - ok
          09:50:24.0340 8804 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
          09:50:24.0370 8804 aspnet_state - ok
          09:50:24.0400 8804 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
          09:50:24.0470 8804 AsyncMac - ok
          09:50:24.0540 8804 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
          09:50:24.0560 8804 atapi - ok
          09:50:24.0650 8804 [ DE9FB3DADE8FD39AE2C587DF22D36B8E ] athr C:\Windows\system32\DRIVERS\athrx.sys
          09:50:24.0860 8804 athr - ok
          09:50:24.0930 8804 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
          09:50:25.0060 8804 AudioEndpointBuilder - ok
          09:50:25.0100 8804 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
          09:50:25.0150 8804 AudioSrv - ok
          09:50:25.0241 8804 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
          09:50:25.0291 8804 avgntflt - ok
          09:50:25.0351 8804 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
          09:50:25.0381 8804 avipbb - ok
          09:50:25.0441 8804 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
          09:50:25.0471 8804 avkmgr - ok
          09:50:25.0511 8804 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
          09:50:25.0651 8804 AxInstSV - ok
          09:50:25.0711 8804 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
          09:50:25.0801 8804 b06bdrv - ok
          09:50:25.0851 8804 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
          09:50:25.0901 8804 b57nd60a - ok
          09:50:25.0991 8804 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
          09:50:26.0071 8804 BDESVC - ok
          09:50:26.0111 8804 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
          09:50:26.0161 8804 Beep - ok
          09:50:26.0221 8804 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
          09:50:26.0351 8804 BFE - ok
          09:50:26.0431 8804 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
          09:50:26.0531 8804 BITS - ok
          09:50:26.0561 8804 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
          09:50:26.0601 8804 blbdrive - ok
          09:50:26.0681 8804 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
          09:50:26.0721 8804 Bonjour Service - ok
          09:50:26.0761 8804 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
          09:50:26.0851 8804 bowser - ok
          09:50:26.0911 8804 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
          09:50:26.0971 8804 BrFiltLo - ok
          09:50:27.0011 8804 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
          09:50:27.0031 8804 BrFiltUp - ok
          09:50:27.0071 8804 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
          09:50:27.0111 8804 Browser - ok
          09:50:27.0161 8804 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
          09:50:27.0241 8804 Brserid - ok
          09:50:27.0261 8804 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
          09:50:27.0301 8804 BrSerWdm - ok
          09:50:27.0341 8804 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
          09:50:27.0401 8804 BrUsbMdm - ok
          09:50:27.0441 8804 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
          09:50:27.0491 8804 BrUsbSer - ok
          09:50:27.0551 8804 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
          09:50:27.0601 8804 BTHMODEM - ok
          09:50:27.0671 8804 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
          09:50:27.0751 8804 bthserv - ok
          09:50:27.0781 8804 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
          09:50:27.0881 8804 cdfs - ok
          09:50:27.0921 8804 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
          09:50:27.0981 8804 cdrom - ok
          09:50:28.0041 8804 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
          09:50:28.0111 8804 CertPropSvc - ok
          09:50:28.0141 8804 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
          09:50:28.0181 8804 circlass - ok
          09:50:28.0231 8804 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
          09:50:28.0271 8804 CLFS - ok
          09:50:28.0321 8804 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
          09:50:28.0351 8804 clr_optimization_v2.0.50727_32 - ok
          09:50:28.0381 8804 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
          09:50:28.0391 8804 clr_optimization_v2.0.50727_64 - ok
          09:50:28.0471 8804 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
          09:50:28.0491 8804 clr_optimization_v4.0.30319_32 - ok
          09:50:28.0551 8804 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
          09:50:28.0581 8804 clr_optimization_v4.0.30319_64 - ok
          09:50:28.0601 8804 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
          09:50:28.0641 8804 CmBatt - ok
          09:50:28.0661 8804 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
          09:50:28.0681 8804 cmdide - ok
          09:50:28.0731 8804 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
          09:50:28.0771 8804 CNG - ok
          09:50:28.0811 8804 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
          09:50:28.0821 8804 Compbatt - ok
          09:50:28.0861 8804 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
          09:50:28.0911 8804 CompositeBus - ok
          09:50:28.0941 8804 COMSysApp - ok
          09:50:28.0961 8804 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
          09:50:28.0971 8804 crcdisk - ok
          09:50:29.0021 8804 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
          09:50:29.0121 8804 CryptSvc - ok
          09:50:29.0201 8804 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
          09:50:29.0342 8804 DcomLaunch - ok
          09:50:29.0372 8804 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
          09:50:29.0462 8804 defragsvc - ok
          09:50:29.0492 8804 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
          09:50:29.0552 8804 DfsC - ok
          09:50:29.0602 8804 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
          09:50:29.0712 8804 Dhcp - ok
          09:50:29.0742 8804 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
          09:50:29.0852 8804 discache - ok
          09:50:29.0902 8804 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
          09:50:29.0932 8804 Disk - ok
          09:50:29.0962 8804 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
          09:50:30.0052 8804 Dnscache - ok
          09:50:30.0062 8804 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
          09:50:30.0132 8804 dot3svc - ok
          09:50:30.0192 8804 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
          09:50:30.0232 8804 Dot4 - ok
          09:50:30.0282 8804 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
          09:50:30.0302 8804 Dot4Print - ok
          09:50:30.0312 8804 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
          09:50:30.0352 8804 dot4usb - ok
          09:50:30.0392 8804 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
          09:50:30.0492 8804 DPS - ok
          09:50:30.0522 8804 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
          09:50:30.0562 8804 drmkaud - ok
          09:50:30.0632 8804 [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
          09:50:30.0662 8804 DsiWMIService - ok
          09:50:30.0712 8804 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
          09:50:30.0772 8804 DXGKrnl - ok
          09:50:30.0812 8804 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
          09:50:30.0892 8804 EapHost - ok
          09:50:31.0002 8804 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
          09:50:31.0152 8804 ebdrv - ok
          09:50:31.0202 8804 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
          09:50:31.0282 8804 EFS - ok
          09:50:31.0352 8804 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
          09:50:31.0452 8804 ehRecvr - ok
          09:50:31.0472 8804 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
          09:50:31.0512 8804 ehSched - ok
          09:50:31.0562 8804 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
          09:50:31.0592 8804 elxstor - ok
          09:50:31.0672 8804 [ 2AEE0416C54A1A86D035366DE192B2F0 ] ePowerSvc C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
          09:50:31.0712 8804 ePowerSvc - ok
          09:50:31.0762 8804 [ 7C5BFAAC8DCE7292B0C04EBF892E71F9 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
          09:50:31.0832 8804 EPSON_EB_RPCV4_04 - ok
          09:50:31.0842 8804 [ D4615670CD49A1679E6067F155C47C68 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
          09:50:31.0902 8804 EPSON_PM_RPCV4_04 - ok
          09:50:31.0932 8804 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
          09:50:31.0982 8804 ErrDev - ok
          09:50:32.0032 8804 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
          09:50:32.0112 8804 EventSystem - ok
          09:50:32.0162 8804 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
          09:50:32.0212 8804 exfat - ok
          09:50:32.0232 8804 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
          09:50:32.0282 8804 fastfat - ok
          09:50:32.0322 8804 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
          09:50:32.0412 8804 Fax - ok
          09:50:32.0422 8804 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
          09:50:32.0452 8804 fdc - ok
          09:50:32.0472 8804 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
          09:50:32.0542 8804 fdPHost - ok
          09:50:32.0572 8804 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
          09:50:32.0662 8804 FDResPub - ok
          09:50:32.0702 8804 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
          09:50:32.0712 8804 FileInfo - ok
          09:50:32.0722 8804 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
          09:50:32.0792 8804 Filetrace - ok
          09:50:32.0822 8804 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
          09:50:32.0872 8804 flpydisk - ok
          09:50:32.0902 8804 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
          09:50:32.0942 8804 FltMgr - ok
          09:50:32.0992 8804 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
          09:50:33.0092 8804 FontCache - ok
          09:50:33.0132 8804 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
          09:50:33.0152 8804 FontCache3.0.0.0 - ok
          09:50:33.0182 8804 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
          09:50:33.0192 8804 FsDepends - ok
          09:50:33.0212 8804 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
          09:50:33.0232 8804 Fs_Rec - ok
          09:50:33.0273 8804 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
          09:50:33.0293 8804 fvevol - ok
          09:50:33.0323 8804 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
          09:50:33.0333 8804 gagp30kx - ok
          09:50:33.0403 8804 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
          09:50:33.0433 8804 GamesAppService - ok
          09:50:33.0493 8804 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
          09:50:33.0513 8804 GEARAspiWDM - ok
          09:50:33.0553 8804 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
          09:50:33.0633 8804 gpsvc - ok
          09:50:33.0663 8804 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
          09:50:33.0673 8804 GREGService - ok
          09:50:33.0743 8804 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
          09:50:33.0763 8804 gupdate - ok
          09:50:33.0783 8804 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
          09:50:33.0793 8804 gupdatem - ok
          09:50:33.0813 8804 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
          09:50:33.0833 8804 gusvc - ok
          09:50:33.0863 8804 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
          09:50:33.0923 8804 hcw85cir - ok
          09:50:33.0953 8804 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
          09:50:34.0003 8804 HdAudAddService - ok
          09:50:34.0053 8804 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
          09:50:34.0103 8804 HDAudBus - ok
          09:50:34.0153 8804 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
          09:50:34.0173 8804 HECIx64 - ok
          09:50:34.0223 8804 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
          09:50:34.0263 8804 HidBatt - ok
          09:50:34.0293 8804 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
          09:50:34.0353 8804 HidBth - ok
          09:50:34.0383 8804 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
          09:50:34.0423 8804 HidIr - ok
          09:50:34.0453 8804 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
          09:50:34.0523 8804 hidserv - ok
          09:50:34.0573 8804 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
          09:50:34.0603 8804 HidUsb - ok
          09:50:34.0633 8804 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
          09:50:34.0723 8804 hkmsvc - ok
          09:50:34.0743 8804 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
          09:50:34.0783 8804 HomeGroupListener - ok
          09:50:34.0813 8804 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
          09:50:34.0853 8804 HomeGroupProvider - ok
          09:50:34.0893 8804 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
          09:50:34.0913 8804 HpSAMD - ok
          09:50:35.0033 8804 [ 4F6C514B6149E380B8C1EDEAC3D7AEC5 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
          09:50:35.0083 8804 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
          09:50:35.0083 8804 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
          09:50:35.0153 8804 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
          09:50:35.0233 8804 HTCAND64 - ok
          09:50:35.0333 8804 [ 5C8BC8A28798FD010E7ABC4E0D588CAA ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
          09:50:35.0353 8804 HTCMonitorService - ok
          09:50:35.0373 8804 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
          09:50:35.0383 8804 htcnprot - ok
          09:50:35.0403 8804 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
          09:50:35.0503 8804 HTTP - ok
          09:50:35.0523 8804 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
          09:50:35.0543 8804 hwpolicy - ok
          09:50:35.0573 8804 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
          09:50:35.0593 8804 i8042prt - ok
          09:50:35.0643 8804 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\drivers\iaStor.sys
          09:50:35.0663 8804 iaStor - ok
          09:50:35.0713 8804 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
          09:50:35.0733 8804 IAStorDataMgrSvc - ok
          09:50:35.0773 8804 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
          09:50:35.0803 8804 iaStorV - ok
          09:50:35.0853 8804 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
          09:50:35.0893 8804 idsvc - ok
          09:50:36.0133 8804 [ 31569A2E836C12014148BF7342716946 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
          09:50:36.0493 8804 igfx - ok
          09:50:36.0523 8804 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
          09:50:36.0543 8804 iirsp - ok
          09:50:36.0573 8804 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
          09:50:36.0673 8804 IKEEXT - ok
          09:50:36.0733 8804 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
          09:50:36.0803 8804 Impcd - ok
          09:50:36.0883 8804 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
          09:50:36.0983 8804 IntcAzAudAddService - ok
          09:50:37.0013 8804 [ 03C74719D48056A1078F3A51CEB76BAA ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
          09:50:37.0043 8804 IntcDAud - ok
          09:50:37.0053 8804 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
          09:50:37.0073 8804 intelide - ok
          09:50:37.0113 8804 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
          09:50:37.0153 8804 intelppm - ok
          09:50:37.0193 8804 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
          09:50:37.0273 8804 IPBusEnum - ok
          09:50:37.0293 8804 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
          09:50:37.0343 8804 IpFilterDriver - ok
          09:50:37.0373 8804 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
          09:50:37.0443 8804 iphlpsvc - ok
          09:50:37.0473 8804 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
          09:50:37.0513 8804 IPMIDRV - ok
          09:50:37.0543 8804 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
          09:50:37.0613 8804 IPNAT - ok
          09:50:37.0683 8804 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
          09:50:37.0713 8804 iPod Service - ok
          09:50:37.0753 8804 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
          09:50:37.0783 8804 IRENUM - ok
          09:50:37.0813 8804 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
          09:50:37.0823 8804 isapnp - ok
          09:50:37.0843 8804 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
          09:50:37.0863 8804 iScsiPrt - ok
          09:50:37.0903 8804 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
          09:50:37.0933 8804 k57nd60a - ok
          09:50:37.0953 8804 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
          09:50:37.0973 8804 kbdclass - ok
          09:50:37.0993 8804 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
          09:50:38.0013 8804 kbdhid - ok
          09:50:38.0023 8804 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
          09:50:38.0043 8804 KeyIso - ok
          09:50:38.0073 8804 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
          09:50:38.0093 8804 KSecDD - ok
          09:50:38.0113 8804 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
          09:50:38.0133 8804 KSecPkg - ok
          09:50:38.0153 8804 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
          09:50:38.0213 8804 ksthunk - ok
          09:50:38.0263 8804 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
          09:50:38.0353 8804 KtmRm - ok
          09:50:38.0403 8804 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
          09:50:38.0473 8804 LanmanServer - ok
          09:50:38.0513 8804 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
          09:50:38.0583 8804 LanmanWorkstation - ok
          09:50:38.0653 8804 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
          09:50:38.0683 8804 Live Updater Service - ok
          09:50:38.0713 8804 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
          09:50:38.0803 8804 lltdio - ok
          09:50:38.0843 8804 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
          09:50:38.0923 8804 lltdsvc - ok
          09:50:38.0943 8804 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
          09:50:38.0993 8804 lmhosts - ok
          09:50:39.0053 8804 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
          09:50:39.0093 8804 LMS - ok
          09:50:39.0133 8804 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
          09:50:39.0163 8804 LSI_FC - ok
          09:50:39.0183 8804 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
          09:50:39.0203 8804 LSI_SAS - ok
          09:50:39.0213 8804 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
          09:50:39.0223 8804 LSI_SAS2 - ok
          09:50:39.0244 8804 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
          09:50:39.0264 8804 LSI_SCSI - ok
          09:50:39.0284 8804 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
          09:50:39.0354 8804 luafv - ok
          09:50:39.0434 8804 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
          09:50:39.0454 8804 MBAMProtector - ok
          09:50:39.0544 8804 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
          09:50:39.0584 8804 MBAMScheduler - ok
          09:50:39.0614 8804 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
          09:50:39.0654 8804 MBAMService - ok
          09:50:39.0684 8804 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
          09:50:39.0734 8804 Mcx2Svc - ok
          09:50:39.0754 8804 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
          09:50:39.0774 8804 megasas - ok
          09:50:39.0814 8804 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
          09:50:39.0834 8804 MegaSR - ok
          09:50:39.0914 8804 Microsoft SharePoint Workspace Audit Service - ok
          09:50:39.0954 8804 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
          09:50:40.0054 8804 MMCSS - ok
          09:50:40.0084 8804 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
          09:50:40.0144 8804 Modem - ok
          09:50:40.0184 8804 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
          09:50:40.0244 8804 monitor - ok
          09:50:40.0274 8804 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
          09:50:40.0294 8804 mouclass - ok
          09:50:40.0324 8804 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
          09:50:40.0354 8804 mouhid - ok
          09:50:40.0394 8804 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
          09:50:40.0414 8804 mountmgr - ok
          09:50:40.0494 8804 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
          09:50:40.0524 8804 MozillaMaintenance - ok
          09:50:40.0554 8804 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
          09:50:40.0574 8804 mpio - ok
          09:50:40.0584 8804 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
          09:50:40.0634 8804 mpsdrv - ok
          09:50:40.0674 8804 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
          09:50:40.0764 8804 MpsSvc - ok
          09:50:40.0794 8804 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
          09:50:40.0854 8804 MRxDAV - ok
          09:50:40.0884 8804 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
          09:50:40.0954 8804 mrxsmb - ok
          09:50:40.0974 8804 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
          09:50:40.0994 8804 mrxsmb10 - ok
          09:50:41.0014 8804 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
          09:50:41.0034 8804 mrxsmb20 - ok
          09:50:41.0054 8804 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
          09:50:41.0064 8804 msahci - ok
          09:50:41.0084 8804 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
          09:50:41.0104 8804 msdsm - ok
          09:50:41.0124 8804 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
          09:50:41.0164 8804 MSDTC - ok
          09:50:41.0204 8804 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
          09:50:41.0284 8804 Msfs - ok
          09:50:41.0304 8804 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
          09:50:41.0384 8804 mshidkmdf - ok
          09:50:41.0414 8804 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
          09:50:41.0434 8804 msisadrv - ok
          09:50:41.0464 8804 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
          09:50:41.0534 8804 MSiSCSI - ok
          09:50:41.0534 8804 msiserver - ok
          09:50:41.0574 8804 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
          09:50:41.0614 8804 MSKSSRV - ok
          09:50:41.0634 8804 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
          09:50:41.0704 8804 MSPCLOCK - ok
          09:50:41.0724 8804 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
          09:50:41.0814 8804 MSPQM - ok
          09:50:41.0844 8804 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
          09:50:41.0874 8804 MsRPC - ok
          09:50:41.0884 8804 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
          09:50:41.0904 8804 mssmbios - ok
          09:50:41.0914 8804 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
          09:50:42.0004 8804 MSTEE - ok
          09:50:42.0024 8804 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
          09:50:42.0074 8804 MTConfig - ok
          09:50:42.0094 8804 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
          09:50:42.0124 8804 Mup - ok
          09:50:42.0174 8804 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
          09:50:42.0244 8804 napagent - ok
          09:50:42.0314 8804 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
          09:50:42.0374 8804 NativeWifiP - ok
          09:50:42.0424 8804 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
          09:50:42.0444 8804 NBVol - ok
          09:50:42.0454 8804 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
          09:50:42.0464 8804 NBVolUp - ok
          09:50:42.0534 8804 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
          09:50:42.0604 8804 NDIS - ok
          09:50:42.0634 8804 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
          09:50:42.0694 8804 NdisCap - ok
          09:50:42.0744 8804 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
          09:50:42.0814 8804 NdisTapi - ok
          09:50:42.0834 8804 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
          09:50:42.0884 8804 Ndisuio - ok
          09:50:42.0894 8804 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
          09:50:42.0964 8804 NdisWan - ok
          09:50:42.0994 8804 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
          09:50:43.0034 8804 NDProxy - ok
          09:50:43.0104 8804 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
          09:50:43.0144 8804 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
          09:50:43.0144 8804 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
          09:50:43.0204 8804 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
          09:50:43.0265 8804 Netaapl - ok
          09:50:43.0295 8804 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
          09:50:43.0395 8804 NetBIOS - ok
          09:50:43.0415 8804 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
          09:50:43.0465 8804 NetBT - ok
          09:50:43.0495 8804 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
          09:50:43.0505 8804 Netlogon - ok
          09:50:43.0545 8804 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
          09:50:43.0625 8804 Netman - ok
          09:50:43.0675 8804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
          09:50:43.0685 8804 NetMsmqActivator - ok
          09:50:43.0695 8804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
          09:50:43.0705 8804 NetPipeActivator - ok
          09:50:43.0755 8804 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
          • Citaat

          Comment

          • #6
            09:50:43.0865 8804 netprofm - ok
            09:50:43.0875 8804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
            09:50:43.0885 8804 NetTcpActivator - ok
            09:50:43.0885 8804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
            09:50:43.0895 8804 NetTcpPortSharing - ok
            09:50:43.0925 8804 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
            09:50:43.0945 8804 nfrd960 - ok
            09:50:43.0995 8804 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
            09:50:44.0045 8804 NlaSvc - ok
            09:50:44.0085 8804 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
            09:50:44.0135 8804 Npfs - ok
            09:50:44.0165 8804 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
            09:50:44.0215 8804 nsi - ok
            09:50:44.0235 8804 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
            09:50:44.0285 8804 nsiproxy - ok
            09:50:44.0365 8804 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
            09:50:44.0465 8804 Ntfs - ok
            09:50:44.0515 8804 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
            09:50:44.0545 8804 NTI IScheduleSvc - ok
            09:50:44.0585 8804 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
            09:50:44.0595 8804 NTIDrvr - ok
            09:50:44.0625 8804 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
            09:50:44.0665 8804 Null - ok
            09:50:44.0695 8804 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
            09:50:44.0715 8804 nvraid - ok
            09:50:44.0725 8804 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
            09:50:44.0745 8804 nvstor - ok
            09:50:44.0755 8804 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
            09:50:44.0775 8804 nv_agp - ok
            09:50:44.0785 8804 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
            09:50:44.0815 8804 ohci1394 - ok
            09:50:44.0915 8804 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
            09:50:44.0945 8804 ose - ok
            09:50:45.0105 8804 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
            09:50:45.0215 8804 osppsvc - ok
            09:50:45.0245 8804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
            09:50:45.0315 8804 p2pimsvc - ok
            09:50:45.0345 8804 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
            09:50:45.0405 8804 p2psvc - ok
            09:50:45.0441 8804 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
            09:50:45.0447 8804 Parport - ok
            09:50:45.0477 8804 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
            09:50:45.0497 8804 partmgr - ok
            09:50:45.0537 8804 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
            09:50:45.0567 8804 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
            09:50:45.0567 8804 PassThru Service - detected UnsignedFile.Multi.Generic (1)
            09:50:45.0607 8804 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
            09:50:45.0657 8804 PcaSvc - ok
            09:50:45.0697 8804 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
            09:50:45.0717 8804 pci - ok
            09:50:45.0737 8804 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
            09:50:45.0757 8804 pciide - ok
            09:50:45.0777 8804 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
            09:50:45.0797 8804 pcmcia - ok
            09:50:45.0817 8804 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
            09:50:45.0827 8804 pcw - ok
            09:50:45.0857 8804 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
            09:50:45.0947 8804 PEAUTH - ok
            09:50:46.0017 8804 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
            09:50:46.0067 8804 PerfHost - ok
            09:50:46.0157 8804 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
            09:50:46.0257 8804 pla - ok
            09:50:46.0297 8804 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
            09:50:46.0357 8804 PlugPlay - ok
            09:50:46.0417 8804 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
            09:50:46.0457 8804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
            09:50:46.0457 8804 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
            09:50:46.0487 8804 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
            09:50:46.0507 8804 PNRPAutoReg - ok
            09:50:46.0537 8804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
            09:50:46.0547 8804 PNRPsvc - ok
            09:50:46.0587 8804 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
            09:50:46.0657 8804 PolicyAgent - ok
            09:50:46.0687 8804 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
            09:50:46.0777 8804 Power - ok
            09:50:46.0837 8804 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
            09:50:46.0927 8804 PptpMiniport - ok
            09:50:46.0947 8804 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
            09:50:46.0987 8804 Processor - ok
            09:50:47.0027 8804 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
            09:50:47.0097 8804 ProfSvc - ok
            09:50:47.0107 8804 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
            09:50:47.0127 8804 ProtectedStorage - ok
            09:50:47.0167 8804 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
            09:50:47.0257 8804 Psched - ok
            09:50:47.0287 8804 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
            09:50:47.0317 8804 PxHlpa64 - ok
            09:50:47.0377 8804 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
            09:50:47.0457 8804 ql2300 - ok
            09:50:47.0457 8804 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
            09:50:47.0477 8804 ql40xx - ok
            09:50:47.0507 8804 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
            09:50:47.0537 8804 QWAVE - ok
            09:50:47.0557 8804 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
            09:50:47.0597 8804 QWAVEdrv - ok
            09:50:47.0607 8804 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
            09:50:47.0667 8804 RasAcd - ok
            09:50:47.0727 8804 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
            09:50:47.0817 8804 RasAgileVpn - ok
            09:50:47.0857 8804 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
            09:50:47.0927 8804 RasAuto - ok
            09:50:47.0947 8804 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
            09:50:48.0007 8804 Rasl2tp - ok
            09:50:48.0037 8804 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
            09:50:48.0107 8804 RasMan - ok
            09:50:48.0127 8804 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
            09:50:48.0197 8804 RasPppoe - ok
            09:50:48.0237 8804 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
            09:50:48.0307 8804 RasSstp - ok
            09:50:48.0337 8804 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
            09:50:48.0387 8804 rdbss - ok
            09:50:48.0407 8804 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
            09:50:48.0447 8804 rdpbus - ok
            09:50:48.0477 8804 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
            09:50:48.0557 8804 RDPCDD - ok
            09:50:48.0577 8804 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
            09:50:48.0647 8804 RDPENCDD - ok
            09:50:48.0687 8804 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
            09:50:48.0727 8804 RDPREFMP - ok
            09:50:48.0757 8804 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
            09:50:48.0827 8804 RDPWD - ok
            09:50:48.0867 8804 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
            09:50:48.0907 8804 rdyboost - ok
            09:50:48.0937 8804 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
            09:50:49.0007 8804 RemoteAccess - ok
            09:50:49.0037 8804 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
            09:50:49.0087 8804 RemoteRegistry - ok
            09:50:49.0117 8804 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
            09:50:49.0177 8804 RpcEptMapper - ok
            09:50:49.0207 8804 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
            09:50:49.0257 8804 RpcLocator - ok
            09:50:49.0287 8804 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
            09:50:49.0347 8804 RpcSs - ok
            09:50:49.0377 8804 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
            09:50:49.0437 8804 rspndr - ok
            09:50:49.0487 8804 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
            09:50:49.0567 8804 RSUSBSTOR - ok
            09:50:49.0587 8804 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
            09:50:49.0597 8804 SamSs - ok
            09:50:49.0667 8804 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
            09:50:49.0687 8804 SASDIFSV - ok
            09:50:49.0697 8804 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
            09:50:49.0707 8804 SASKUTIL - ok
            09:50:49.0747 8804 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
            09:50:49.0767 8804 sbp2port - ok
            09:50:49.0797 8804 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
            09:50:49.0847 8804 SCardSvr - ok
            09:50:49.0867 8804 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
            09:50:49.0907 8804 scfilter - ok
            09:50:49.0947 8804 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
            09:50:50.0057 8804 Schedule - ok
            09:50:50.0087 8804 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
            09:50:50.0137 8804 SCPolicySvc - ok
            09:50:50.0137 8804 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
            09:50:50.0207 8804 SDRSVC - ok
            09:50:50.0298 8804 [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
            09:50:50.0348 8804 SDScannerService - ok
            09:50:50.0408 8804 [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
            09:50:50.0478 8804 SDUpdateService - ok
            09:50:50.0498 8804 [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
            09:50:50.0518 8804 SDWSCService - ok
            09:50:50.0538 8804 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
            09:50:50.0638 8804 secdrv - ok
            09:50:50.0668 8804 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
            09:50:50.0718 8804 seclogon - ok
            09:50:50.0718 8804 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
            09:50:50.0798 8804 SENS - ok
            09:50:50.0818 8804 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
            09:50:50.0898 8804 SensrSvc - ok
            09:50:50.0918 8804 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
            09:50:50.0958 8804 Serenum - ok
            09:50:50.0988 8804 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
            09:50:51.0028 8804 Serial - ok
            09:50:51.0048 8804 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
            09:50:51.0068 8804 sermouse - ok
            09:50:51.0098 8804 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
            09:50:51.0168 8804 SessionEnv - ok
            09:50:51.0198 8804 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
            09:50:51.0228 8804 sffdisk - ok
            09:50:51.0258 8804 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
            09:50:51.0298 8804 sffp_mmc - ok
            09:50:51.0298 8804 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
            09:50:51.0318 8804 sffp_sd - ok
            09:50:51.0348 8804 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
            09:50:51.0398 8804 sfloppy - ok
            09:50:51.0438 8804 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
            09:50:51.0518 8804 SharedAccess - ok
            09:50:51.0568 8804 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
            09:50:51.0648 8804 ShellHWDetection - ok
            09:50:51.0678 8804 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
            09:50:51.0698 8804 SiSRaid2 - ok
            09:50:51.0718 8804 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
            09:50:51.0738 8804 SiSRaid4 - ok
            09:50:51.0798 8804 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
            09:50:51.0818 8804 SkypeUpdate - ok
            09:50:51.0848 8804 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
            09:50:51.0928 8804 Smb - ok
            09:50:51.0968 8804 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
            09:50:51.0988 8804 SNMPTRAP - ok
            09:50:52.0018 8804 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
            09:50:52.0028 8804 spldr - ok
            09:50:52.0068 8804 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
            09:50:52.0108 8804 Spooler - ok
            09:50:52.0208 8804 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
            09:50:52.0388 8804 sppsvc - ok
            09:50:52.0418 8804 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
            09:50:52.0458 8804 sppuinotify - ok
            09:50:52.0478 8804 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
            09:50:52.0558 8804 srv - ok
            09:50:52.0588 8804 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
            09:50:52.0648 8804 srv2 - ok
            09:50:52.0688 8804 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
            09:50:52.0708 8804 srvnet - ok
            09:50:52.0738 8804 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
            09:50:52.0788 8804 SSDPSRV - ok
            09:50:52.0798 8804 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
            09:50:52.0868 8804 SstpSvc - ok
            09:50:52.0898 8804 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
            09:50:52.0908 8804 stexstor - ok
            09:50:52.0958 8804 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
            09:50:53.0008 8804 stisvc - ok
            09:50:53.0028 8804 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
            09:50:53.0038 8804 swenum - ok
            09:50:53.0068 8804 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
            09:50:53.0138 8804 swprv - ok
            09:50:53.0188 8804 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
            09:50:53.0198 8804 SynTP - ok
            09:50:53.0248 8804 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
            09:50:53.0348 8804 SysMain - ok
            09:50:53.0378 8804 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
            09:50:53.0418 8804 TabletInputService - ok
            09:50:53.0428 8804 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
            09:50:53.0488 8804 TapiSrv - ok
            09:50:53.0508 8804 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
            09:50:53.0548 8804 TBS - ok
            09:50:53.0628 8804 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
            09:50:53.0708 8804 Tcpip - ok
            09:50:53.0778 8804 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
            09:50:53.0838 8804 TCPIP6 - ok
            09:50:53.0888 8804 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
            09:50:53.0898 8804 tcpipreg - ok
            09:50:53.0938 8804 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
            09:50:53.0998 8804 TDPIPE - ok
            09:50:54.0028 8804 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
            09:50:54.0038 8804 TDTCP - ok
            09:50:54.0068 8804 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
            09:50:54.0138 8804 tdx - ok
            09:50:54.0358 8804 [ 879F46329B7DC4D109345AA96F1AB47F ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
            09:50:54.0448 8804 TeamViewer8 - ok
            09:50:54.0478 8804 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
            09:50:54.0498 8804 TermDD - ok
            09:50:54.0528 8804 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
            09:50:54.0618 8804 TermService - ok
            09:50:54.0648 8804 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
            09:50:54.0668 8804 Themes - ok
            09:50:54.0698 8804 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
            09:50:54.0738 8804 THREADORDER - ok
            09:50:54.0768 8804 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
            09:50:54.0828 8804 TrkWks - ok
            09:50:54.0888 8804 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
            09:50:54.0958 8804 TrustedInstaller - ok
            09:50:54.0968 8804 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
            09:50:55.0058 8804 tssecsrv - ok
            09:50:55.0088 8804 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
            09:50:55.0158 8804 TsUsbFlt - ok
            09:50:55.0188 8804 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
            09:50:55.0198 8804 TsUsbGD - ok
            09:50:55.0218 8804 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
            09:50:55.0288 8804 tunnel - ok
            09:50:55.0308 8804 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
            09:50:55.0328 8804 uagp35 - ok
            09:50:55.0358 8804 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
            09:50:55.0368 8804 UBHelper - ok
            09:50:55.0388 8804 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
            09:50:55.0458 8804 udfs - ok
            09:50:55.0498 8804 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
            09:50:55.0538 8804 UI0Detect - ok
            09:50:55.0548 8804 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
            09:50:55.0568 8804 uliagpkx - ok
            09:50:55.0588 8804 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
            09:50:55.0618 8804 umbus - ok
            09:50:55.0638 8804 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
            09:50:55.0668 8804 UmPass - ok
            09:50:55.0798 8804 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
            09:50:55.0918 8804 UNS - ok
            09:50:55.0948 8804 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
            09:50:56.0038 8804 upnphost - ok
            09:50:56.0078 8804 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
            09:50:56.0098 8804 USBAAPL64 - ok
            09:50:56.0128 8804 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
            09:50:56.0148 8804 usbccgp - ok
            09:50:56.0178 8804 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
            09:50:56.0198 8804 usbcir - ok
            09:50:56.0218 8804 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
            09:50:56.0248 8804 usbehci - ok
            09:50:56.0288 8804 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
            09:50:56.0308 8804 usbhub - ok
            09:50:56.0328 8804 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
            09:50:56.0368 8804 usbohci - ok
            09:50:56.0408 8804 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
            09:50:56.0468 8804 usbprint - ok
            09:50:56.0498 8804 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
            09:50:56.0558 8804 usbscan - ok
            09:50:56.0578 8804 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
            09:50:56.0638 8804 USBSTOR - ok
            09:50:56.0648 8804 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
            09:50:56.0698 8804 usbuhci - ok
            09:50:56.0728 8804 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
            09:50:56.0748 8804 usbvideo - ok
            09:50:56.0798 8804 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
            09:50:56.0868 8804 usb_rndisx - ok
            09:50:56.0898 8804 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
            09:50:56.0968 8804 UxSms - ok
            09:50:56.0998 8804 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
            09:50:57.0018 8804 VaultSvc - ok
            09:50:57.0038 8804 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
            09:50:57.0058 8804 vdrvroot - ok
            09:50:57.0078 8804 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
            09:50:57.0168 8804 vds - ok
            09:50:57.0228 8804 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
            09:50:57.0248 8804 vga - ok
            09:50:57.0258 8804 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
            09:50:57.0298 8804 VgaSave - ok
            09:50:57.0328 8804 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
            09:50:57.0348 8804 vhdmp - ok
            09:50:57.0348 8804 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
            09:50:57.0358 8804 viaide - ok
            09:50:57.0378 8804 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
            09:50:57.0398 8804 volmgr - ok
            09:50:57.0408 8804 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
            09:50:57.0438 8804 volmgrx - ok
            09:50:57.0448 8804 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
            09:50:57.0488 8804 volsnap - ok
            09:50:57.0518 8804 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
            09:50:57.0528 8804 vsmraid - ok
            09:50:57.0598 8804 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
            09:50:57.0758 8804 VSS - ok
            09:50:57.0778 8804 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
            09:50:57.0838 8804 vwifibus - ok
            09:50:57.0868 8804 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
            09:50:57.0908 8804 vwififlt - ok
            09:50:57.0958 8804 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
            09:50:58.0018 8804 W32Time - ok
            09:50:58.0048 8804 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
            09:50:58.0088 8804 WacomPen - ok
            09:50:58.0138 8804 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
            09:50:58.0208 8804 WANARP - ok
            09:50:58.0208 8804 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
            09:50:58.0248 8804 Wanarpv6 - ok
            09:50:58.0338 8804 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
            09:50:58.0428 8804 WatAdminSvc - ok
            09:50:58.0478 8804 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
            09:50:58.0578 8804 wbengine - ok
            09:50:58.0588 8804 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
            09:50:58.0628 8804 WbioSrvc - ok
            09:50:58.0638 8804 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
            09:50:58.0668 8804 wcncsvc - ok
            09:50:58.0698 8804 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
            09:50:58.0718 8804 WcsPlugInService - ok
            09:50:58.0748 8804 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
            09:50:58.0758 8804 Wd - ok
            09:50:58.0788 8804 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
            09:50:58.0838 8804 Wdf01000 - ok
            09:50:58.0848 8804 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
            09:50:58.0988 8804 WdiServiceHost - ok
            09:50:58.0988 8804 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
            09:50:59.0008 8804 WdiSystemHost - ok
            09:50:59.0028 8804 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
            09:50:59.0068 8804 WebClient - ok
            09:50:59.0098 8804 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
            09:50:59.0148 8804 Wecsvc - ok
            09:50:59.0168 8804 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
            09:50:59.0218 8804 wercplsupport - ok
            09:50:59.0228 8804 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
            09:50:59.0268 8804 WerSvc - ok
            09:50:59.0298 8804 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
            09:50:59.0338 8804 WfpLwf - ok
            09:50:59.0358 8804 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
            09:50:59.0368 8804 WIMMount - ok
            09:50:59.0408 8804 WinDefend - ok
            09:50:59.0428 8804 WinHttpAutoProxySvc - ok
            09:50:59.0478 8804 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
            09:50:59.0538 8804 Winmgmt - ok
            09:50:59.0608 8804 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
            09:50:59.0716 8804 WinRM - ok
            09:50:59.0760 8804 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
            09:50:59.0780 8804 WinUsb - ok
            09:50:59.0810 8804 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
            09:50:59.0880 8804 Wlansvc - ok
            09:50:59.0950 8804 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
            09:50:59.0970 8804 wlcrasvc - ok
            09:51:00.0040 8804 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
            09:51:00.0150 8804 wlidsvc - ok
            09:51:00.0180 8804 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
            09:51:00.0220 8804 WmiAcpi - ok
            09:51:00.0260 8804 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
            09:51:00.0300 8804 wmiApSrv - ok
            09:51:00.0350 8804 WMPNetworkSvc - ok
            09:51:00.0380 8804 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
            09:51:00.0420 8804 WPCSvc - ok
            09:51:00.0440 8804 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
            09:51:00.0490 8804 WPDBusEnum - ok
            09:51:00.0520 8804 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
            09:51:00.0570 8804 ws2ifsl - ok
            09:51:00.0590 8804 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
            09:51:00.0640 8804 wscsvc - ok
            09:51:00.0640 8804 WSearch - ok
            09:51:00.0730 8804 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
            09:51:00.0840 8804 wuauserv - ok
            09:51:00.0880 8804 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
            09:51:00.0950 8804 WudfPf - ok
            09:51:00.0990 8804 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
            09:51:01.0010 8804 WUDFRd - ok
            09:51:01.0020 8804 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
            09:51:01.0060 8804 wudfsvc - ok
            09:51:01.0110 8804 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
            09:51:01.0140 8804 WwanSvc - ok
            09:51:01.0160 8804 ================ Scan global ===============================
            09:51:01.0200 8804 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
            09:51:01.0240 8804 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
            09:51:01.0250 8804 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
            09:51:01.0280 8804 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
            09:51:01.0311 8804 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
            09:51:01.0311 8804 [Global] - ok
            09:51:01.0311 8804 ================ Scan MBR ==================================
            09:51:01.0331 8804 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
            09:51:01.0812 8804 \Device\Harddisk0\DR0 - ok
            09:51:01.0812 8804 ================ Scan VBR ==================================
            09:51:01.0812 8804 [ AFAF9DFC0FD0A52FBBEDDAE17561378A ] \Device\Harddisk0\DR0\Partition1
            09:51:01.0812 8804 \Device\Harddisk0\DR0\Partition1 - ok
            09:51:01.0832 8804 [ E76CB8FD4F714BE1871CEC40D77D1C72 ] \Device\Harddisk0\DR0\Partition2
            09:51:01.0832 8804 \Device\Harddisk0\DR0\Partition2 - ok
            09:51:01.0832 8804 ============================================================
            09:51:01.0832 8804 Scan finished
            09:51:01.0832 8804 ============================================================
            09:51:01.0842 8068 Detected object count: 4
            09:51:01.0842 8068 Actual detected object count: 4
            09:53:13.0097 8068 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
            09:53:13.0097 8068 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
            09:53:13.0097 8068 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
            09:53:13.0097 8068 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
            09:53:13.0097 8068 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
            09:53:13.0097 8068 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
            09:53:13.0107 8068 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
            09:53:13.0107 8068 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
            • Citaat

            Comment

            • #7
              Prima, logje ziet er goed uit.

              Download combofix.exe van deze site: http://www.bleepingcomputer.com/comb...uikt-te-worden .
              ComboFix zal wanneer de Recovery Console niet geïnstalleerd is, voorstellen om deze te downloaden en te installeren. Sta dit toe.
              Wanneer de Recovery Console geïnstalleerd is, laat je ComboFix de computer scannen.
              Wanneer ComboFix start, kan het zijn dat je een Error melding krijgt dat de "contents of the ComboFix package has been compromised".
              Ga niet verder met de instructies, maar download ComboFix opnieuw. Deze melding kan verschijnen wanneer een file-infector (Virut) actief is op de computer.
              Krijg je deze melding dan meld je dit.
              Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
              Post de inhoud van dit bestandje.
              • Citaat

              Comment

              • #8
                ComboFix 13-06-13.01 - Dennis 14-06-2013 10:48:34.1.2 - x64
                Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3767.1445 [GMT 2:00]
                Gestart vanuit: c:\users\Dennis\Desktop\ComboFix.exe
                AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
                SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
                SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
                SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                .
                .
                (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                .
                .
                c:\windows\wininit.ini
                .
                .
                (((((((((((((((((((( Bestanden Gemaakt van 2013-05-14 to 2013-06-14 ))))))))))))))))))))))))))))))
                .
                .
                2013-06-14 09:00 . 2013-06-14 09:00 -------- d-----w- c:\users\Default\AppData\Local\temp
                2013-06-14 08:53 . 2013-06-14 08:53 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2EA3D7E-E7C9-4642-985C-A64C2A8F402A}\offreg.dll
                2013-06-14 07:24 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2EA3D7E-E7C9-4642-985C-A64C2A8F402A}\mpengine.dll
                2013-06-12 07:40 . 2013-06-12 07:40 388096 ----a-r- c:\users\Dennis\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
                2013-06-12 07:40 . 2013-06-12 07:40 -------- d-----w- c:\program files (x86)\Trend Micro
                2013-06-09 12:21 . 2013-06-09 12:19 186744 ----a-w- c:\program files (x86)\39res.dll
                2013-06-09 12:21 . 2013-06-09 12:19 708168 ----a-w- c:\program files (x86)\39Uninstall MapsGalaxy.dll
                2013-06-07 12:21 . 2013-06-07 12:21 -------- d-----w- c:\program files\iPod
                2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
                2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\program files\iTunes
                2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\program files (x86)\iTunes
                2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\users\Dennis\AppData\Roaming\HTC
                2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\users\Dennis\AppData\Roaming\HTC Sync
                2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\programdata\HTC
                2013-06-07 12:10 . 2013-06-09 12:26 -------- d-----w- c:\users\Dennis\AppData\Local\HTC MediaHub
                2013-06-07 12:10 . 2013-06-07 12:10 -------- d-----w- c:\programdata\Motorola
                2013-06-07 12:08 . 2013-06-07 12:09 -------- d-----w- c:\program files (x86)\HTC
                2013-06-07 12:08 . 2013-06-07 12:08 -------- d-----w- c:\program files (x86)\Spirent Communications
                2013-06-07 12:07 . 2013-06-07 12:07 -------- d-----w- c:\users\Dennis\AppData\Local\Downloaded Installations
                2013-06-05 11:21 . 2013-06-05 11:21 -------- d-----w- c:\users\Dennis\AppData\Roaming\Serif
                2013-06-05 11:19 . 2013-06-05 11:19 -------- d-----w- c:\program files (x86)\Serif
                2013-05-29 18:38 . 2013-05-29 18:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
                2013-05-29 18:14 . 2013-05-29 18:14 -------- d-----w- c:\users\Dennis\AppData\Roaming\SUPERAntiSpyware.com
                2013-05-29 18:13 . 2013-05-29 18:14 -------- d-----w- c:\program files\SUPERAntiSpyware
                2013-05-29 18:13 . 2013-05-29 18:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
                2013-05-29 17:18 . 2013-06-05 07:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
                2013-05-29 17:17 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
                2013-05-29 17:17 . 2013-05-29 17:18 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
                2013-05-29 16:51 . 2013-06-13 14:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
                2013-05-29 16:51 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                2013-05-26 08:03 . 2013-05-26 08:03 -------- d-----w- c:\programdata\boost_interprocess
                2013-05-21 07:35 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
                2013-05-21 07:35 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
                2013-05-21 07:35 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
                2013-05-21 07:33 . 2013-04-05 01:03 887808 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
                2013-05-21 07:33 . 2013-04-04 22:05 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
                2013-05-21 07:33 . 2013-04-05 01:19 10926080 ----a-w- c:\windows\system32\ieframe.dll
                2013-05-15 12:24 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
                2013-05-15 12:24 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
                2013-05-15 12:24 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
                2013-05-15 12:24 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
                2013-05-15 12:24 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
                2013-05-15 12:24 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
                2013-05-15 12:23 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
                2013-05-15 12:23 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
                2013-05-15 12:23 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
                2013-05-15 12:23 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
                2013-05-15 12:23 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
                2013-05-15 12:23 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
                .
                .
                .
                ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                2013-06-13 07:14 . 2012-08-11 08:45 75825640 ----a-w- c:\windows\system32\MRT.exe
                2013-06-12 18:04 . 2012-07-21 09:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                2013-06-12 18:04 . 2011-10-28 13:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                2013-05-13 12:59 . 2013-05-13 12:59 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
                2013-05-10 10:55 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                2013-05-07 21:27 . 2013-05-07 21:32 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
                2013-05-07 21:27 . 2013-05-07 21:32 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
                2013-05-07 21:27 . 2013-05-07 21:32 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
                2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
                2013-04-17 18:44 . 2013-04-17 18:44 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                2013-04-17 18:44 . 2013-02-25 12:13 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
                2013-04-17 18:44 . 2013-02-25 12:13 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
                2013-04-13 05:49 . 2013-05-15 12:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
                2013-04-13 05:49 . 2013-05-15 12:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
                2013-04-13 05:49 . 2013-05-15 12:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
                2013-04-13 05:49 . 2013-05-15 12:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
                2013-04-13 04:45 . 2013-05-15 12:24 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
                2013-04-13 04:45 . 2013-05-15 12:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
                2013-04-12 14:45 . 2013-04-24 06:47 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
                2013-03-19 06:04 . 2013-04-10 07:03 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
                2013-03-19 05:46 . 2013-04-10 07:03 43520 ----a-w- c:\windows\system32\csrsrv.dll
                2013-03-19 05:04 . 2013-04-10 07:03 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
                2013-03-19 05:04 . 2013-04-10 07:03 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
                2013-03-19 04:47 . 2013-04-10 07:03 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
                2013-03-19 03:06 . 2013-04-10 07:03 112640 ----a-w- c:\windows\system32\smss.exe
                .
                .
                ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                .
                *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                REGEDIT4
                .
                [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt1]
                @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                .
                [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt2]
                @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                .
                [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt3]
                @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                .
                [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-19 39408]
                "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
                "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
                "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
                "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
                "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
                "NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]
                "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
                "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
                "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
                "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-13 345312]
                "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
                "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
                "Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 532040]
                .
                c:\users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                Dropbox.lnk - c:\users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                "ConsentPromptBehaviorAdmin"= 5 (0x5)
                "ConsentPromptBehaviorUser"= 3 (0x3)
                "EnableUIADesktopToggle"= 0 (0x0)
                "EnableLinkedConnections"= 1 (0x1)
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
                "Userinit"="userinit.exe"
                .
                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
                BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
                @=""
                .
                3;3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.s ys [x]
                R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
                R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
                R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
                R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
                R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
                R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
                R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
                R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
                R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
                R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
                S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
                S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
                S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
                S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
                S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
                S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
                S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
                S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
                S2 AntiVirSchedulerService;Avira Planner;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
                S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
                S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
                S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [x]
                S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
                S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
                S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
                S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
                S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
                S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
                S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
                S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
                S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
                S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
                S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
                S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
                S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
                .
                .
                --- Andere Services/Drivers In Geheugen ---
                .
                *NewlyCreated* - 47985109
                *NewlyCreated* - MBAMPROTECTOR
                *NewlyCreated* - PWRIRPOG
                *Deregistered* - 47985109
                *Deregistered* - pwrirpog
                .
                [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                2013-06-07 07:38 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
                .
                Inhoud van de 'Gedeelde Taken' map
                .
                2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
                - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-21 18:04]
                .
                2013-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 14:31]
                .
                2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 14:31]
                .
                .
                --------- X64 Entries -----------
                .
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt1]
                @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt2]
                @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt3]
                @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt4]
                @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveBlacklistedOverlay]
                @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
                [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
                2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
                @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
                2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncedOverlay]
                @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
                [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
                2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncingOverlay]
                @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
                [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
                2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
                "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
                "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
                "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
                "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
                "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-01-05 860040]
                .
                ------- Bijkomende Scan -------
                .
                uStart Page = hxxp://www.google.com/
                uLocal Page = c:\windows\system32\blank.htm
                mDefault_Page_URL = hxxp://packardbell.msn.com
                mStart Page = hxxp://packardbell.msn.com
                mLocal Page = c:\windows\SysWOW64\blank.htm
                uInternet Settings,ProxyOverride = *.local
                IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
                IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
                TCP: DhcpNameServer = 10.0.0.1
                FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\
                FF - ExtSQL: 2013-05-07 19:52; [email protected]; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\[email protected] g.xpi
                FF - ExtSQL: 2013-06-03 13:42; {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi
                .
                - - - - ORPHANS VERWIJDERD - - - -
                .
                URLSearchHooks-{2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)
                Toolbar-Locked - (no file)
                Notify-SDWinLogon - SDWinLogon.dll
                Toolbar-Locked - (no file)
                HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
                .
                .
                .
                --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                @Denied: (A 2) (Everyone)
                @="FlashBroker"
                "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe ,-101"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                "Enabled"=dword:00000001
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                @Denied: (A 2) (Everyone)
                @="IFlashBroker5"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                @="{00020424-0000-0000-C000-000000000046}"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                "Version"="1.0"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                @Denied: (A 2) (Everyone)
                @="FlashBroker"
                "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe ,-101"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                "Enabled"=dword:00000001
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                @Denied: (A 2) (Everyone)
                @="Shockwave Flash Object"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                "ThreadingModel"="Apartment"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                @="0"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                @="ShockwaveFlash.ShockwaveFlash.11"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                @="1.0"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                @="ShockwaveFlash.ShockwaveFlash"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                @Denied: (A 2) (Everyone)
                @="Macromedia Flash Factory Object"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                "ThreadingModel"="Apartment"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                @="FlashFactory.FlashFactory.1"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                @="1.0"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                @="FlashFactory.FlashFactory"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                @Denied: (A 2) (Everyone)
                @="IFlashBroker5"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                @="{00020424-0000-0000-C000-000000000046}"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                "Version"="1.0"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
                @Denied: (A) (Everyone)
                "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
                @Denied: (A) (Everyone)
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
                "Key"="ActionsPane3"
                "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                @Denied: (Full) (Everyone)
                .
                Voltooingstijd: 2013-06-14 11:17:13
                ComboFix-quarantined-files.txt 2013-06-14 09:17
                .
                Pre-Run: 359.658.049.536 bytes beschikbaar
                Post-Run: 359.270.244.352 bytes beschikbaar
                .
                - - End Of File - - 37FDF7A5498B4589E5248FAFFBAB2138
                D41D8CD98F00B204E9800998ECF8427E
                • Citaat

                Comment

                • #9
                  Ondervind je nog problemen?

                  Herstart de computer.
                  Maak een nieuwe log met ComboFix en post deze.
                  • Citaat

                  Comment

                  • #10
                    Als ik iets wil openen nu krijg ik: er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                    Kan ook geen browser openen.
                    Heb wel een log kunnen maken.

                    Wat nu?
                    • Citaat

                    Comment

                    • #11
                      De computer herstarten lost dat probleem op.
                      • Citaat

                      Comment

                      • #12
                        Het probleem is nog niet opgelost. Het heeft volgens mij met mijn IP adres te maken. Althans deze wordt dus door Barracuda nog steeds geblokt. Ik heb 1 en ander gelezen over het clonen van MAC Adress ofzo. Maar hier nog de log:

                        ComboFix 13-06-13.01 - Dennis 14-06-2013 16:25:19.3.2 - x64
                        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3767.2384 [GMT 2:00]
                        Gestart vanuit: c:\users\Dennis\Desktop\ComboFix.exe
                        AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
                        SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
                        SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
                        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                        .
                        .
                        (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        .
                        c:\windows\wininit.ini
                        .
                        -- Voorgaande Run --
                        .
                        Besmet exemplaar van c:\windows\SysWow64\kernel32.dll werd aangetroffen en gedesinfecteerd
                        Hersteld exemplaar van - c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll
                        .
                        --------
                        .
                        .
                        (((((((((((((((((((( Bestanden Gemaakt van 2013-05-14 to 2013-06-14 ))))))))))))))))))))))))))))))
                        .
                        .
                        2013-06-14 14:32 . 2013-06-14 14:32 -------- d-----w- c:\users\Default\AppData\Local\temp
                        2013-06-14 07:24 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2EA3D7E-E7C9-4642-985C-A64C2A8F402A}\mpengine.dll
                        2013-06-13 07:17 . 2013-05-17 02:58 85504 ----a-w- c:\windows\system32\jsproxy.dll
                        2013-06-12 07:40 . 2013-06-12 07:40 388096 ----a-r- c:\users\Dennis\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
                        2013-06-12 07:40 . 2013-06-12 07:40 -------- d-----w- c:\program files (x86)\Trend Micro
                        2013-06-07 12:21 . 2013-06-07 12:21 -------- d-----w- c:\program files\iPod
                        2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
                        2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\program files\iTunes
                        2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\program files (x86)\iTunes
                        2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\users\Dennis\AppData\Roaming\HTC
                        2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\users\Dennis\AppData\Roaming\HTC Sync
                        2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\programdata\HTC
                        2013-06-07 12:10 . 2013-06-14 14:11 -------- d-----w- c:\users\Dennis\AppData\Local\HTC MediaHub
                        2013-06-07 12:10 . 2013-06-07 12:10 -------- d-----w- c:\programdata\Motorola
                        2013-06-07 12:08 . 2013-06-07 12:09 -------- d-----w- c:\program files (x86)\HTC
                        2013-06-07 12:08 . 2013-06-07 12:08 -------- d-----w- c:\program files (x86)\Spirent Communications
                        2013-06-07 12:07 . 2013-06-07 12:07 -------- d-----w- c:\users\Dennis\AppData\Local\Downloaded Installations
                        2013-06-05 11:21 . 2013-06-05 11:21 -------- d-----w- c:\users\Dennis\AppData\Roaming\Serif
                        2013-06-05 11:19 . 2013-06-05 11:19 -------- d-----w- c:\program files (x86)\Serif
                        2013-05-29 18:38 . 2013-05-29 18:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
                        2013-05-29 18:14 . 2013-05-29 18:14 -------- d-----w- c:\users\Dennis\AppData\Roaming\SUPERAntiSpyware.com
                        2013-05-29 18:13 . 2013-05-29 18:14 -------- d-----w- c:\program files\SUPERAntiSpyware
                        2013-05-29 18:13 . 2013-05-29 18:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
                        2013-05-29 17:18 . 2013-06-05 07:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
                        2013-05-29 17:17 . 2013-06-14 14:24 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
                        2013-05-29 16:51 . 2013-06-13 14:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
                        2013-05-29 16:51 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                        2013-05-26 08:03 . 2013-05-26 08:03 -------- d-----w- c:\programdata\boost_interprocess
                        .
                        .
                        .
                        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        2013-06-13 07:14 . 2012-08-11 08:45 75825640 ----a-w- c:\windows\system32\MRT.exe
                        2013-06-12 18:04 . 2012-07-21 09:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                        2013-06-12 18:04 . 2011-10-28 13:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                        2013-05-13 12:59 . 2013-05-13 12:59 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
                        2013-05-10 10:55 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                        2013-05-07 21:27 . 2013-05-07 21:32 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
                        2013-05-07 21:27 . 2013-05-07 21:32 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
                        2013-05-07 21:27 . 2013-05-07 21:32 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
                        2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
                        2013-04-17 18:44 . 2013-04-17 18:44 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                        2013-04-17 18:44 . 2013-02-25 12:13 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
                        2013-04-17 18:44 . 2013-02-25 12:13 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
                        2013-04-13 05:49 . 2013-05-15 12:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
                        2013-04-13 05:49 . 2013-05-15 12:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
                        2013-04-13 05:49 . 2013-05-15 12:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
                        2013-04-13 05:49 . 2013-05-15 12:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
                        2013-04-13 04:45 . 2013-05-15 12:24 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
                        2013-04-13 04:45 . 2013-05-15 12:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
                        2013-04-12 14:45 . 2013-04-24 06:47 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
                        2013-04-10 06:01 . 2013-05-15 12:24 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
                        2013-04-10 06:01 . 2013-05-15 12:24 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
                        2013-04-10 03:30 . 2013-05-15 12:24 3153920 ----a-w- c:\windows\system32\win32k.sys
                        2013-03-19 06:04 . 2013-04-10 07:03 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
                        2013-03-19 05:53 . 2013-05-15 12:24 230400 ----a-w- c:\windows\system32\wwansvc.dll
                        2013-03-19 05:53 . 2013-05-15 12:24 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
                        2013-03-19 05:46 . 2013-04-10 07:03 43520 ----a-w- c:\windows\system32\csrsrv.dll
                        2013-03-19 05:04 . 2013-04-10 07:03 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
                        2013-03-19 05:04 . 2013-04-10 07:03 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
                        2013-03-19 04:47 . 2013-04-10 07:03 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
                        2013-03-19 03:06 . 2013-04-10 07:03 112640 ----a-w- c:\windows\system32\smss.exe
                        .
                        .
                        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        .
                        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                        REGEDIT4
                        .
                        [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt1]
                        @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                        [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                        2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt2]
                        @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                        [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                        2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt3]
                        @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                        [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                        2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                        .
                        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-19 39408]
                        "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
                        "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                        "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
                        "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
                        "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
                        "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
                        "NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]
                        "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
                        "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
                        "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
                        "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-13 345312]
                        "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
                        .
                        c:\users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                        Dropbox.lnk - c:\users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                        "ConsentPromptBehaviorAdmin"= 5 (0x5)
                        "ConsentPromptBehaviorUser"= 3 (0x3)
                        "EnableUIADesktopToggle"= 0 (0x0)
                        "EnableLinkedConnections"= 1 (0x1)
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
                        "Userinit"="userinit.exe"
                        .
                        [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
                        BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
                        .
                        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
                        @=""
                        .
                        R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
                        R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
                        R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
                        R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                        R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
                        R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
                        R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
                        R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.s ys [x]
                        R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
                        R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
                        R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                        R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                        R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
                        R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                        R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                        S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
                        S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
                        S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
                        S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
                        S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
                        S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
                        S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
                        S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
                        S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
                        S2 AntiVirSchedulerService;Avira Planner;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
                        S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
                        S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
                        S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [x]
                        S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
                        S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
                        S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
                        S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                        S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
                        S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
                        S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
                        S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
                        S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                        S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
                        S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
                        S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                        S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
                        .
                        .
                        [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                        2013-06-07 07:38 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
                        .
                        Inhoud van de 'Gedeelde Taken' map
                        .
                        2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
                        - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-21 18:04]
                        .
                        2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                        - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 14:31]
                        .
                        2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                        - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 14:31]
                        .
                        .
                        --------- X64 Entries -----------
                        .
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt1]
                        @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                        [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                        2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt2]
                        @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                        [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                        2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt3]
                        @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                        [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                        2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt4]
                        @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                        [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                        2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveBlacklistedOverlay]
                        @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
                        [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
                        2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
                        @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                        [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
                        2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncedOverlay]
                        @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
                        [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
                        2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncingOverlay]
                        @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
                        [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
                        2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
                        "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
                        "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
                        "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
                        "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
                        "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
                        "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-01-05 860040]
                        .
                        ------- Bijkomende Scan -------
                        .
                        uStart Page = hxxp://www.google.com/
                        uLocal Page = c:\windows\system32\blank.htm
                        mDefault_Page_URL = hxxp://packardbell.msn.com
                        mStart Page = hxxp://packardbell.msn.com
                        mLocal Page = c:\windows\SysWOW64\blank.htm
                        uInternet Settings,ProxyOverride = *.local
                        IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
                        IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
                        TCP: DhcpNameServer = 10.0.0.1
                        FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\
                        FF - ExtSQL: 2013-05-07 19:52; [email protected]; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\[email protected] g.xpi
                        FF - ExtSQL: 2013-06-03 13:42; {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi
                        .
                        - - - - ORPHANS VERWIJDERD - - - -
                        .
                        Toolbar-Locked - (no file)
                        .
                        .
                        .
                        --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="FlashBroker"
                        "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe ,-101"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                        "Enabled"=dword:00000001
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                        @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="IFlashBroker5"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                        @="{00020424-0000-0000-C000-000000000046}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        "Version"="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="FlashBroker"
                        "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe ,-101"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                        "Enabled"=dword:00000001
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                        @Denied: (A 2) (Everyone)
                        @="Shockwave Flash Object"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                        "ThreadingModel"="Apartment"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                        @="0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                        @="ShockwaveFlash.ShockwaveFlash.11"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                        @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                        @="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                        @="ShockwaveFlash.ShockwaveFlash"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                        @Denied: (A 2) (Everyone)
                        @="Macromedia Flash Factory Object"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                        "ThreadingModel"="Apartment"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                        @="FlashFactory.FlashFactory.1"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                        @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                        @="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                        @="FlashFactory.FlashFactory"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="IFlashBroker5"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                        @="{00020424-0000-0000-C000-000000000046}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        "Version"="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
                        @Denied: (A) (Everyone)
                        "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
                        @Denied: (A) (Everyone)
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
                        "Key"="ActionsPane3"
                        "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
                        .
                        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                        @Denied: (Full) (Everyone)
                        .
                        Voltooingstijd: 2013-06-14 16:34:14
                        ComboFix-quarantined-files.txt 2013-06-14 14:34
                        ComboFix2.txt 2013-06-14 09:17
                        .
                        Pre-Run: 359.319.879.680 bytes beschikbaar
                        Post-Run: 359.021.756.416 bytes beschikbaar
                        .
                        - - End Of File - - FC2B77F6D3BB765DED04D2CC0600124E
                        D41D8CD98F00B204E9800998ECF8427E
                        • Citaat

                        Comment

                        • #13
                          Ik weet niet wat jij verwacht, maar dat Barracude je blokkeert kan ik niet oplossen.

                          Ik kan alleen de malware op je computer verwijderen.

                          Herstart de computer.
                          Daarna maak je een nieuwe log met Combofix en post je de log.
                          • Citaat

                          Comment

                          • #14
                            ComboFix 13-06-13.01 - Dennis 14-06-2013 22:10:13.4.2 - x64
                            Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3767.2497 [GMT 2:00]
                            Gestart vanuit: c:\users\Dennis\Desktop\ComboFix.exe
                            AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
                            SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
                            SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            .
                            .
                            (((((((((((((((((((( Bestanden Gemaakt van 2013-05-14 to 2013-06-14 ))))))))))))))))))))))))))))))
                            .
                            .
                            2013-06-14 20:18 . 2013-06-14 20:18 -------- d-----w- c:\users\Default\AppData\Local\temp
                            2013-06-14 07:24 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2EA3D7E-E7C9-4642-985C-A64C2A8F402A}\mpengine.dll
                            2013-06-13 07:17 . 2013-05-17 02:58 85504 ----a-w- c:\windows\system32\jsproxy.dll
                            2013-06-12 07:40 . 2013-06-12 07:40 388096 ----a-r- c:\users\Dennis\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
                            2013-06-12 07:40 . 2013-06-12 07:40 -------- d-----w- c:\program files (x86)\Trend Micro
                            2013-06-07 12:21 . 2013-06-07 12:21 -------- d-----w- c:\program files\iPod
                            2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
                            2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\program files\iTunes
                            2013-06-07 12:21 . 2013-06-07 12:22 -------- d-----w- c:\program files (x86)\iTunes
                            2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\users\Dennis\AppData\Roaming\HTC
                            2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\users\Dennis\AppData\Roaming\HTC Sync
                            2013-06-07 12:11 . 2013-06-07 12:11 -------- d-----w- c:\programdata\HTC
                            2013-06-07 12:10 . 2013-06-14 20:07 -------- d-----w- c:\users\Dennis\AppData\Local\HTC MediaHub
                            2013-06-07 12:10 . 2013-06-07 12:10 -------- d-----w- c:\programdata\Motorola
                            2013-06-07 12:08 . 2013-06-07 12:09 -------- d-----w- c:\program files (x86)\HTC
                            2013-06-07 12:08 . 2013-06-07 12:08 -------- d-----w- c:\program files (x86)\Spirent Communications
                            2013-06-07 12:07 . 2013-06-07 12:07 -------- d-----w- c:\users\Dennis\AppData\Local\Downloaded Installations
                            2013-06-05 11:21 . 2013-06-05 11:21 -------- d-----w- c:\users\Dennis\AppData\Roaming\Serif
                            2013-06-05 11:19 . 2013-06-05 11:19 -------- d-----w- c:\program files (x86)\Serif
                            2013-05-29 18:38 . 2013-05-29 18:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
                            2013-05-29 18:14 . 2013-05-29 18:14 -------- d-----w- c:\users\Dennis\AppData\Roaming\SUPERAntiSpyware.com
                            2013-05-29 18:13 . 2013-05-29 18:14 -------- d-----w- c:\program files\SUPERAntiSpyware
                            2013-05-29 18:13 . 2013-05-29 18:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
                            2013-05-29 17:18 . 2013-06-05 07:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
                            2013-05-29 16:51 . 2013-06-13 14:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
                            2013-05-29 16:51 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                            2013-05-26 08:03 . 2013-05-26 08:03 -------- d-----w- c:\programdata\boost_interprocess
                            .
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            2013-06-13 07:14 . 2012-08-11 08:45 75825640 ----a-w- c:\windows\system32\MRT.exe
                            2013-06-12 18:04 . 2012-07-21 09:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                            2013-06-12 18:04 . 2011-10-28 13:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                            2013-05-13 12:59 . 2013-05-13 12:59 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
                            2013-05-10 10:55 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                            2013-05-07 21:27 . 2013-05-07 21:32 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
                            2013-05-07 21:27 . 2013-05-07 21:32 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
                            2013-05-07 21:27 . 2013-05-07 21:32 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
                            2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
                            2013-04-17 18:44 . 2013-04-17 18:44 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                            2013-04-17 18:44 . 2013-02-25 12:13 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
                            2013-04-17 18:44 . 2013-02-25 12:13 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
                            2013-04-13 05:49 . 2013-05-15 12:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
                            2013-04-13 05:49 . 2013-05-15 12:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
                            2013-04-13 05:49 . 2013-05-15 12:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
                            2013-04-13 05:49 . 2013-05-15 12:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
                            2013-04-13 04:45 . 2013-05-15 12:24 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
                            2013-04-13 04:45 . 2013-05-15 12:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
                            2013-04-12 14:45 . 2013-04-24 06:47 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
                            2013-04-10 06:01 . 2013-05-15 12:24 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
                            2013-04-10 06:01 . 2013-05-15 12:24 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
                            2013-04-10 03:30 . 2013-05-15 12:24 3153920 ----a-w- c:\windows\system32\win32k.sys
                            2013-03-19 06:04 . 2013-04-10 07:03 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
                            2013-03-19 05:53 . 2013-05-15 12:24 230400 ----a-w- c:\windows\system32\wwansvc.dll
                            2013-03-19 05:53 . 2013-05-15 12:24 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
                            2013-03-19 05:46 . 2013-04-10 07:03 43520 ----a-w- c:\windows\system32\csrsrv.dll
                            2013-03-19 05:04 . 2013-04-10 07:03 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
                            2013-03-19 05:04 . 2013-04-10 07:03 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
                            2013-03-19 04:47 . 2013-04-10 07:03 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
                            2013-03-19 03:06 . 2013-04-10 07:03 112640 ----a-w- c:\windows\system32\smss.exe
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                            REGEDIT4
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt1]
                            @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt2]
                            @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt3]
                            @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-05-25 00:36 130736 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                            .
                            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-19 39408]
                            "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
                            "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 5622512]
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                            "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
                            "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
                            "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
                            "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
                            "NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]
                            "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
                            "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
                            "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
                            "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-13 345312]
                            "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
                            .
                            c:\users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                            Dropbox.lnk - c:\users\Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                            "ConsentPromptBehaviorAdmin"= 5 (0x5)
                            "ConsentPromptBehaviorUser"= 3 (0x3)
                            "EnableUIADesktopToggle"= 0 (0x0)
                            "EnableLinkedConnections"= 1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
                            "Userinit"="userinit.exe"
                            .
                            [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
                            BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
                            @=""
                            .
                            R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
                            R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
                            R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
                            R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                            R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
                            R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
                            R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
                            R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.s ys [x]
                            R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
                            R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
                            R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                            R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                            R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
                            R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                            R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                            S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
                            S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
                            S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
                            S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
                            S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
                            S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
                            S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
                            S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
                            S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
                            S2 AntiVirSchedulerService;Avira Planner;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
                            S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
                            S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
                            S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [x]
                            S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
                            S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
                            S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
                            S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                            S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
                            S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
                            S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
                            S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
                            S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                            S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
                            S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
                            S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                            S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
                            .
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                            2013-06-07 07:38 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
                            .
                            Inhoud van de 'Gedeelde Taken' map
                            .
                            2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
                            - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-21 18:04]
                            .
                            2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 14:31]
                            .
                            2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-19 14:31]
                            .
                            .
                            --------- X64 Entries -----------
                            .
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt1]
                            @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt2]
                            @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt3]
                            @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt4]
                            @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-05-25 00:36 164016 ----a-w- c:\users\Dennis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveBlacklistedOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
                            2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
                            2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncedOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
                            2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncingOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
                            2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
                            "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
                            "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
                            "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
                            "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
                            "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
                            "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-01-05 860040]
                            .
                            ------- Bijkomende Scan -------
                            .
                            uStart Page = hxxp://www.google.com/
                            uLocal Page = c:\windows\system32\blank.htm
                            mDefault_Page_URL = hxxp://packardbell.msn.com
                            mStart Page = hxxp://packardbell.msn.com
                            mLocal Page = c:\windows\SysWOW64\blank.htm
                            uInternet Settings,ProxyOverride = *.local
                            IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
                            IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
                            TCP: DhcpNameServer = 10.0.0.1
                            FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\
                            FF - ExtSQL: 2013-05-07 19:52; [email protected]; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\[email protected] g.xpi
                            FF - ExtSQL: 2013-06-03 13:42; {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}; c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\n8g5qral.default\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi
                            .
                            - - - - ORPHANS VERWIJDERD - - - -
                            .
                            Toolbar-Locked - (no file)
                            .
                            .
                            .
                            --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe ,-101"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                            @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker5"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe ,-101"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Shockwave Flash Object"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                            @="0"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="ShockwaveFlash.ShockwaveFlash.11"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="ShockwaveFlash.ShockwaveFlash"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Macromedia Flash Factory Object"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="FlashFactory.FlashFactory.1"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="FlashFactory.FlashFactory"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker5"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
                            @Denied: (A) (Everyone)
                            "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
                            @Denied: (A) (Everyone)
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
                            "Key"="ActionsPane3"
                            "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                            @Denied: (Full) (Everyone)
                            .
                            Voltooingstijd: 2013-06-14 22:20:43
                            ComboFix-quarantined-files.txt 2013-06-14 20:20
                            ComboFix2.txt 2013-06-14 14:34
                            ComboFix3.txt 2013-06-14 09:17
                            .
                            Pre-Run: 358.653.005.824 bytes beschikbaar
                            Post-Run: 358.353.002.496 bytes beschikbaar
                            .
                            - - End Of File - - 94478E59C027A1DDE825738E5B784C60
                            D41D8CD98F00B204E9800998ECF8427E
                            • Citaat

                            Comment

                            • #15
                              Prima.
                              Zijn er nog problemen met de computer?

                              Dat Barracude probleem kan ik niet oplossen voor je.
                              • Citaat

                              Comment

                              Vorige 1 2 template Volgende
                              Sorry, you are not authorized to view this page
                              Working...
                              X